Communications of the ACM

Home/News/CISA Releases Secure-by-Design, -Default Guidance/Full Text

ACM News

CISA Releases Secure-by-Design, -Default Guidance

By Government Technology
April 14, 2023
Comments

View as: Print Mobile App Share:

The new release from CISA and its partners is meant to advance discussions. — The provides both core guiding principles and more specific technical recommendations.

Credit: Shutterstock

Federal cyber officials have long called for software manufacturers to take more responsibility for preventing cyber attackers from exploiting their products. Now, officials are moving toward seeing that call put into action.

CISA, the FBI, the National Security Agency (NSA) and partner nations' cybersecurity authorities released a report today that's intended to guide software manufacturers toward a new approach. The recommendations aim to ensure products are already designed and configured for strong security before they reach end users.

Former National Cyber Director Chris Inglis and now-acting National Cyber Director Kemba Walden have previously highlighted this issue. Tech companies have the resources and reach to make real change, but too often it's the end users who are expected to shoulder most of the burden of patching, evading phishing schemes and otherwise heading off incidents, Walden said during a discussion last month. A single person's password mistake shouldn't be able to turn into a Colonial Pipeline-level crisis, Walden said.

From Government Technology
View Full Article

No entries found

CISA Releases Secure-by-Design, -Default Guidance

ISS Gets SSD Upgrade

Internet of Things Security and Privacy Labels Should Empower Consumers

The Role of Autonomous Machine Computing in Shaping the Autonomy Economy