Secure Software Development Attestation: A(nother) Government Requirement – JD Supra

On September 14, 2022, the Office of Management and Budget (“OMB”) issued a memorandum on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (“OMB Memo”) to help ensure software security. While the OMB Memo provides direction to agencies, a…….


On September 14, 2022, the Office of Management and Budget (“OMB”) issued a memorandum on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (“OMB Memo”) to help ensure software security. While the OMB Memo provides direction to agencies, any company that produces software (defined as firmware, operating systems, applications and application services, such as cloud-based Software as a Service, or products that include software) and expects to license it to government end users must:

  • Develop the software in accordance with the National Institute of Standards and Technology (“NIST”) risk-based secure software development standards,
  • Provide a self-attestation, and
  • Produce, if requested, documentation such as a software bill of materials or evidence of participation in a vulnerability disclosure program.

These requirements apply to agency (and contractor) use of software developed after September 14, 2022, as well as to the use of existing software that is modified by major version changes after that date.

Background

Last year, President Biden required federal agencies to reinforce agency cybersecurity capabilities and protect the nation’s critical software supply chain. See Executive Order 14028 (“Cyber EO”). The Cyber EO tasked NIST with developing guidance on supply chain security, which NIST completed in February 2022. NIST developed and published the NIST Guidance consisting of: (1) the Secure Software Development Framework (“SSDF”) Version 1.1, detailing secure software development best practices, and (2) Supply Chain Security Guidance for federal agencies on how best to acquire software, including open-source software and agency-developed software.

Last week’s OMB Memo requires federal agencies to comply with the NIST Guidance when using third-party “software” on the agency’s information systems or otherwise affecting the agency’s information.

What Must Corporations …….

Source: https://www.jdsupra.com/legalnews/secure-software-development-attestation-4611022/