Cybersecurity
NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:
- Software component transparency -- creating guidance for the use of a “Software Bill of Materials,” which functions as a list of ingredients that make up software components
- Internet of Things security – addressing key aspects of IoT security, including upgradability and patchability of connected devices
- Cybersecurity vulnerability disclosures – increasing collaboration between security researchers and software and system developers and owners
Related content
Enhancing the Digital Economy Through Collaboration on Vulnerability Research Disclosure
Promoting and preserving the digital ecosystem is a core mission of the Department of Commerce, and the security and resiliency of that ecosystem is vital. For the digital economy to thrive, users must trust that their personal data and the systems and websites they use every day are as secure as possible.
To help support this goal, the Department of Commerce announced in March an initiative to address key cybersecurity issues facing the digital economy that could be best addressed by a consensus-based multistakeholder process. Based on input from a broad range of stakeholders, we are today announcing that the first cybersecurity multistakeholder process will launch in September and will focus on vulnerability research disclosure. The goal of this process will be to bring together security researchers, software vendors, and those interested in a more secure digital ecosystem to create common principles and best practices around the disclosure of and response to new security vulnerability information.
Comments on Stakeholder Engagement on Cybersecurity in the Digital Ecosystem
Public comments received on Stakeholder Engagement on Cybersecurity in the Digital Ecosystem. See Federal Register Notice: Request for Comments
Notice of Comment Deadline Extension - Stakeholder Engagement on Cybersecurity in the Digital Ecosystem
The Department of Commerce Internet Policy Task Force (IPTF) announces that the closing deadline for submitting comments responsive to the request for public comments to identify substantive cybersecurity issues to be addressed by a multistakeholder process has been extended until 5:00 p.m. Eastern Daylight Time (EDT) on Wednesday, May 27, 2015.