Developing guidelines that result in minimum standards for vendors’ testing of their software source code. These guidelines aim to put into place processes to ensure that software is sufficiently safe and secure.
Publishing guidance that identifies practices to enhance software supply chain security. This guidance aims to foreclose, to the extent feasible, malicious software from third parties from sneaking into the various subcomponents that make up modern software.
Initiating labeling programs related to the Internet of Things (IoT) and software to inform consumers about the security of their products. This task aims to provide consumers with a ratings scale that helps them better understand the security level of their hardware IoT devices and software.
The Cybersecurity Framework is a critical reference document for organizations to consult in the NIST tasks completed or underway. In particular, all the software security measures count the Framework as an informative reference.
Notes
1 1Executive Order No. 13636 – Improving Critical Infrastructure Cybersecurity, February 12, 2013, at https://www.whitehouse.gov/the-press-office/2013/02/12/executive-order-improving-critical-infrastructure-cybersecurity.
2 2NIST Cybersecurity Framework, https://www.nist.gov/cyberframework/framework.
3 3Cybersecurity and Infrastructure Security Agency, Critical Infrastructure Sectors, https://www.cisa.gov/critical-infrastructure-sectors.
4 4Cybersecurity Framework 1.1 https://www.nist.gov/cyberframework/framework.
5 5NIST Framework, p. 5.
6 6See https://nvlpubs.nist.gov/nistpubs/CSWP/NIST.CSWP.04162018.pdf Appendix A.
7 7NIST Framework p. 11.
Конец ознакомительного фрагмента.
Текст предоставлен ООО «ЛитРес».
Прочитайте эту книгу целиком, купив полную легальную версию на ЛитРес.
Безопасно оплатить книгу можно банковской картой Visa, MasterCard, Maestro, со счета мобильного телефона, с платежного терминала, в салоне МТС или Связной, через PayPal, WebMoney, Яндекс.Деньги, QIWI Кошелек, бонусными картами или другим удобным Вам способом.
