Cybeats Technologies Corp. is pleased to announce that yesterday, July 13, the White House published its National Cybersecurity Strategy Implementation Plan (NCSIP). The plan included SBOM (Software Bill of Materials) as one of the key pillars in its comprehensive approach and oversight of national cybersecurity.
“Cybeats is at the forefront of a paradigm shift in cybersecurity, which includes SBOM as a momentous change in software supply chain practices including providing transparency to government institutions for enhanced risk mitigation,” said Yoav Raiter, CEO, Cybeats. “Several market segments have already begun to prioritize SBOM management and proactive cyber resilience efforts, but this White House announcement further exemplifies the widespread industry and regulatory tailwinds that are driving the market for SBOM Studio, and helped to fuel the impressive commercial expansion that Cybeats is achieving.”
“Cybeats is actively participating and contributing to the SBOM standard by participating in the working groups by CISA, and pleased to observe the U.S. administration and its push to the adoption of SBOM,” said Dmitry Raidman, CTO, Cybeats. “This White House statement further validates the importance of enhanced transparency over the software supply chain, and we are excited to be at the forefront of this important industry shift.”
Five Pillars of the NCSIP
- Pillar One: Defending Critical Infrastructure
- Pillar Two: Disrupting and Dismantling Threat Actors
- Pillar Three:
“Software Bill of Materials: Increasing software transparency allows market actors to better understand their supply chain risk and to hold their vendors accountable for secure development practices. CISA continues to lead work with key stakeholders to identify and reduce gaps in software bill of materials (SBOM) scale and implementation. CISA will also explore requirements for a globally-accessible database for end of life/end of support software and convene an international staff-level working group on SBOM.”
- Pillar Four: Investing in a Resilient Future
- Pillar Five: Forging International Partnerships to Pursue Shared Goals
NCSIP Initiative 3.3.2 – Advance SBOM, Mitigate Software Risks
“In order to collect data on the usage of unsupported software in critical infrastructure, the Cybersecurity and Infrastructure Security Agency will work with key stakeholders to identify and reduce gaps in SBOM scale and implementation. CISA will also explore requirements for a globally-accessible database for end-of-life software and convene an international staff-level working group on SBOM. The Administration will promote the further development of SBOMs; and develop a process for identifying and mitigating the risk presented by unsupported software that is widely used or supports critical infrastructure.”
The Federal Government, in coordination with CISA, will develop a plan of action to secure software and systems through collective operational defense, increased availability of centralized shared services, and software supply chain risk mitigation. These initiatives will build on prior programs and prioritize actions that advance a whole-of-government approach to cyber defense. The software supply chain risk mitigation objective, developed in coordination with NIST, will build on the implementation of EO 14028 from 2021, ‘Improving the Nation’s Cybersecurity,’ NIST’s Secure Software Development Framework, and related efforts to improve open-source security.