Sorry, you need to enable JavaScript to visit this website.
Skip to main content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.

Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.

The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Cybersecurity

NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:

Related content


Request for Comments on Competition in the Mobile App Ecosystem

April 21, 2022
Docket Number
NTIA-2022-0001

NTIA is requesting comments on competition in the mobile application ecosystem.  The data gathered through this process will be used to inform the Biden-Harris Administration’s competition agenda, including, but not limited to, the Department of Commerce’s work developing a report to submit to the Chair of the White House Competition Council regarding the mobile application ecosystem. 

Topics

Marking the Conclusion of NTIA’s SBOM Process

April 9, 2022

In 2018, NTIA launched its Multistakeholder Process on Software Component Transparency, bringing together an active, engaged community to formulate and establish a software bill of materials (SBOM) – a nested inventory that makes up the “ingredients list” for software.

The stakeholders in our process initially focused on defining the problem: the what, the why, and the how of software component transparency. They established common, consensus definitions, and emphasized the importance of a "baseline" SBOM.

Experts from the healthcare and medical device community stepped up early in the process to demonstrate that this idea was both feasible and useful for their industry.  They launched the first SBOM "proof of concept," sharing their experiences, successes, and challenges in public documentation from which the broader community could learn.

Next, the community shifted its efforts to jumping technical hurdles, as well as identifying existing tools and gaps in the ecosystem.

They emphasized a mantra of "crawl, then walk, then run" to promote adoption across the ecosystem. They developed videos to help educate the public.

Along the way, what was an obscure idea became a key part of the global agenda around securing software supply chains.

Topics

NTIA Releases Minimum Elements for a Software Bill of Materials

July 12, 2021

In his Executive Order (EO) on Improving the Nation’s Cybersecurity, President Biden identified the prevention, detection, assessment and remediation of cyber incidents as a top priority of his Administration. The Commerce Department and NTIA were directed by the EO to publish the minimum elements for a Software Bill of Materials (SBOM), a key tool to help create a more transparent and secure software supply chain. As the President notes, “the trust we place in our digital infrastructure should be proportional to how trustworthy and transparent that infrastructure is.”

An SBOM provides those who produce, purchase, and operate software with information that enhances their understanding of the supply chain. Though an SBOM won’t solve all software security problems, it offers the potential to track known newly emerged vulnerabilities and risks, and it can form a foundational data layer on which further security tools, practices, and assurances can be built.

Subscribe to Cybersecurity RSS feed