Cybersecurity
NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:
- Software component transparency -- creating guidance for the use of a “Software Bill of Materials,” which functions as a list of ingredients that make up software components
- Internet of Things security – addressing key aspects of IoT security, including upgradability and patchability of connected devices
- Cybersecurity vulnerability disclosures – increasing collaboration between security researchers and software and system developers and owners
Related content
Stakeholders Prepare for Further Work on Software Transparency in 2020
Participants in NTIA’s software security multistakeholder effort made significant progress this year, publishing the first set of community-drafted documents to offer guidance around the practice of a software bill of materials (SBOM). The SBOM functions as a “list of ingredients” for software that can help organizations keep track of the underlying components that make up almost all software today.
We are excited that the broader community is already using these resources, and we’re looking forward to refining the concept at the technical level. During the most recent meeting in November, the community agreed to continue their work in 2020, with a focus on making transparency an easy-to-use feature of the software marketplace.
Moving forward, in four parallel work streams, stakeholders plan to:
Remarks of Acting Assistant Secretary Rinaldo at CSDE Forum
Archive Webcast of 11/18/2019 Meeting on Promoting Software Component Transparency
Meeting presentations: