OSS strategy formulation
CISA Official Says Government Developing Open-Source Software Strategy
Allan Friedman, a Cybersecurity and Infrastructure Security Agency senior adviser, said that efforts are underway to devise a government-wide approach to open-source software, which is composed of publicly accessible and usable code. During a keynote speech at a Center for Strategic and International Studies event, he explained that the Office of the National Cyber Director is leading the effort and gathering specialists from CISA, the National Institute of Standards and Technology and the Federal Trade Commission to develop the plan, Nextgov reported.
Friedman addressed ongoing concerns about security risks associated with open-source software, pointing out that more risks are going to emerge as visibility into OSS increases.
Senate lawmakers proposed legislation in September 2022 intended to enhance federal efforts to mitigate risks in such software. Under the Securing Open Source Software Act, CISA and the Office of Management and Budget would be compelled to establish a risk assessment methodology and set secure usage guidelines.
Private sector organizations such as Amazon, Google and Microsoft have publicly supported a security strategy for open-source software. Earlier in 2022, the Linux Foundation proposed that the government provide $150 million in funding to address issues involving production, vulnerability discovery and repair, and patching response time.