January 18, 2025
Daily News
Stakeholders call for CISA to align self-attestation efforts more closely with NIST secure software framework
The Cybersecurity and Infrastructure Security Agency can do more to encourage stronger alignment to specific practices from the NIST Secure Software Development Framework in the secure software self-attestation form as work continues to adjust requirements to agency needs, according to a recent Lawfare post.
“A revised attestation form should require a blanket attestation to all applicable practices identified in the NIST framework and without any added caveats,” a July 18 post in Lawfare's secure by design project says.
The...