Inside Cybersecurity

October 3, 2022

Daily News

OMB memo directs agencies to use NIST secure software framework as part of procurement

By Sara Friedman / September 14, 2022

The Office of Management and Budget is instituting a self-attestation security policy for software purchased by federal agencies through a new memorandum that outlines how NIST’s Secure Software Development Framework will be implemented in practice, including guidance on Software Bill of Materials use.

The memo fulfills a requirement from President Biden’s 2021 cyber executive order to secure federal networks. NIST released the SSDF in February along with a guidance on how to use the publication from a software purchaser viewpoint...

Log in to access this content.

Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.