Tech industry group wants clarity over ‘broad’ NIST critical software definition, potential regulations

The Information Technology Industry Council is closely watching how NIST’s work to define critical software, as mandated by a May cyber executive order, will be utilized as the process to establish regulations for agencies and federal contractors moves forward, and has concerns over the breadth of potential federal requirements.

ITI supports the National Institute of Standards and Technology’s decision to “leverage” existing publications, such as the cybersecurity framework and Special Publication 800-53, and the security measures outlined in NIST’s latest...