CISA Calls on Tech Vendors to Supply Secure Software Automatically

Date:

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation, and the National Security Agency (NSA) recently issued new guidance urging software manufacturers to take measures to ensure the products they ship are secure-by-design, “out of the box.” This new report, named “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Security-by-Design and -Default,” encourages companies to build their systems in a way that prevents customers from having to perform continuous monitoring, updates, and damage control.

Not only is this good practice, but it is also an effective way to mitigate bugs and vulnerabilities before the products are released. It can require time and resources, which can be an issue for organizations trying to balance their budget.

Recently, the European Union passed the Cyber Resilience Act which laid out a cybersecurity framework for hardware and software producers to improve the security of products. It is part of an industry shift that moves the burden of security away from the customers and toward the software manufacturers.

Ray Kelly, a Fellow at the Synopsys Software Integrity Group, stated that “Building security into the design process is not only good practice, it’s also very effective in mitigating flaws in software before they reach the consumer. The challenge, however, is for organizations to adopt these practices without affecting the business, as this process takes time and requires resources that can impact the bottom line.”

The Synopsys Software Integrity Group is the world’s leading provider of Software Composition Analysis (SCA) products, with their offerings comprising the most comprehensive SCA solution available in the market. It provides organizations with tools to create secure and high-quality software through advanced risk analysis capabilities. Ray Kelly brings extensive expertise in software development and security engineering to the Synopsys Software Integrity Group, and is a leading voice in the industry on issues pertaining to software security and reliability.

See also  FBI Disrupts Major Chinese Hacking Campaign Targeting US Infrastructure

Furthermore, Synopsys Software Integrity Group is hosting an event called the AI Investment Summit in San Francisco on July 11th and 12th. It is a platform for top executives to discuss how to optimize and integrate AI investments for success.

In conclusion, CISA’s new guidelines aim to influence software manufacturers to ship secure products “out of the box.” Both the Cyber Resilience Act and CISA’s new guidance signal a shift away from the customer having to shoulder the responsibility of product security to the active participation of software vendors. The Synopsys Software Integrity Group, with their expertise and offerings on software security and reliability, is an attractive platform for leaders to join and discuss how to maximize their AI investments.

Frequently Asked Questions (FAQs) Related to the Above News

Please note that the FAQs provided on this page are based on the news article published. While we strive to provide accurate and up-to-date information, it is always recommended to consult relevant authorities or professionals before making any decisions or taking action based on the FAQs or the news article.

Share post:

Subscribe

Popular

More like this
Related

Obama’s Techno-Optimism Shifts as Democrats Navigate Changing Tech Landscape

Explore the evolution of tech policy from Obama's optimism to Harris's vision at the Democratic National Convention. What's next for Democrats in tech?

Tech Evolution: From Obama’s Optimism to Harris’s Vision

Explore the evolution of tech policy from Obama's optimism to Harris's vision at the Democratic National Convention. What's next for Democrats in tech?

Tonix Pharmaceuticals TNXP Shares Fall 14.61% After Q2 Earnings Report

Tonix Pharmaceuticals TNXP shares decline 14.61% post-Q2 earnings report. Evaluate investment strategy based on company updates and market dynamics.

The Future of Good Jobs: Why College Degrees are Essential through 2031

Discover the future of good jobs through 2031 and why college degrees are essential. Learn more about job projections and AI's influence.