Cybersecurity
NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:
- Software component transparency – creating guidance for the use of a “Software Bill of Materials,” which functions as a list of ingredients that make up software components
- Internet of Things security – addressing key aspects of IoT security, including upgradability and patchability of connected devices
- Cybersecurity vulnerability disclosures – increasing collaboration between security researchers and software and system developers and owners
Related content
Testimony of Acting Assistant Secretary Rinaldo on Supply Chain Security, Global Competitiveness, and 5G
Notice of 11/18/2019 Multistakeholder Process on Promoting Software Component Transparency Meeting
NTIA will convene a meeting of a multistakeholder process on promoting software component transparency on November 18, 2019 from 10:00 a.m. to 4:00 p.m., Eastern Time. The meeting will be held at the American Institute of Architects, 1735 New York Ave. NW, Washington, DC 20006. For further information contact Allan Friedman, National Telecommunications and Information Administration, U.S.
Moving Toward a More Transparent Software Supply Chain
Earlier this month, NTIA convened the latest in a series of multistakeholder meetings on software component transparency. For more than a year, stakeholders have been exploring this issue through four working groups established during the July 2018 kickoff meeting. The broader community meets periodically to share progress and encourage feedback through in-person and virtual meetings.
Most modern software is not written completely from scratch, but includes existing components, modules, and libraries from the open source and commercial software world. Modern development practices such as code reuse, and a dynamic IT marketplace with acquisitions and mergers, make it challenging to track the use of software components.
The Internet of Things and the emergence of Cyber-Physical Systems, which integrate computation, networking, and physical processes, compound this phenomenon, as new organizations, enterprises and innovators take on the role of software developer to add “smart” features or connectivity to their products. Although the majority of libraries and components do not have known vulnerabilities, the sheer quantity of software means that some software products ship with vulnerable or out-of-date components.