Software vulnerabilities
DHS Seeking Solutions to Patch Up Vulnerabilities in Critical Infrastructure Software
The Department of Homeland Security’s Science and Technology Directorate announced that it has partnered with the Cybersecurity and Infrastructure Security Agency to patch up known vulnerabilities in software used in critical infrastructure systems. Towards this end, a solicitation has been issued by the DHS seeking solutions to help secure the digital frameworks that people and organizations depend upon for essential services, the S&T Directorate said Monday.
Specifically, the “Software Supply Visibility Tools” topic call seeks technology to strengthen the software supply chain essential to protecting software and software-controlled systems. The initiative ultimately seeks to protect the delivery of key services, including communications, finance, transportation and energy, the S&T directorate said.
Melissa Oh, managing director of S&T’s Silicon Valley Innovation Program, said the topic call demands core capabilities that will “help bring transparency into the digital building blocks” used by organizations to conduct business and protect their networks.
For his part, Allan Friedman, a senior adviser and strategist at CISA, said that known vulnerabilities in the software commonly used by industries remain the most common path taken by malicious actors to inflict harm.
In 2022 alone, CISA issued at least 22 cybersecurity alerts as detailed on its website. In June, the agency, together with the Federal Bureau of Investigation and National Security Agency, announced that Chinese state-sponsored hackers have been targeting major telecommunications companies and network service providers since at least 2020.
Category: Cybersecurity