Open source security is a top, unavoidable priority in 2023. With a continued barrage of open source supply chain vulnerabilities, the U.S. government has started to issue more detailed cybersecurity guidelines for software in use at government agencies, some with deadlines approaching in the next couple of months. And other governments worldwide are taking similar steps.
In May 2021, the White House issued Executive Order 14028 on Improving the Nation’s Cybersecurity in response to increasing digital threats like the one that impacted SolarWinds and its customers. Following directives from Executive Order 14028, the National Institute of Standards and Technology (NIST) published specific guidance on secure software development standards (including for third-party software) in its NIST Secure Software Development Framework and NIST Software Supply Chain Security Guidance documents. Next came White House Office of Management and Budget (OMB) memorandum M-22-18, which stated that organizations will need to self-attest that they comply with all the proposed NIST guidelines as soon as June 2023, among other key deadlines.
Tune in Thursday, Feb. 16 at 2 p.m. ET when Tidelift CEO and co-founder Donald Fischer details all of the new government regulations, impending deadlines and how to meet them, and ways to improve the security and resilience of your organization's open source software supply chain along the way. Learn more about government cybersecurity requirements and register today.