Stakeholders see opportunities in CISA secure software principles, raise questions on implementation

CISA’s set of principles for secure-by-design and -default are ambitious, according to stakeholders who are weighing in on implementation and how to make the publication endorsed by international partners successful in the long run.

“We support CISA and other government’s efforts to encourage secure software development practices. We hope that this guidance does not diverge from or create additional expectations around the work happening at CISA and OMB regarding self-attestation to the NIST Secure Software Development Framework,” Ross Nodurft, executive...