Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home News

CISA Seeks Input on Secure Software

December 21, 2023
Reading Time: 2 mins read
in News
CISA Seeks Input on Secure Software

The Cybersecurity and Infrastructure Security Agency (CISA) has announced a Request for Information (RFI) aimed at soliciting insights from various stakeholders on secure by design software practices. This initiative is part of CISA’s broader secure by design campaign, with the objective of fostering collaboration globally. The RFI specifically references the “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software” whitepaper and invites input from interested parties.

CISA seeks information on several key aspects, including integrating security early into the software development life cycle (SDLC), the incorporation of security education in higher education curricula, addressing recurring vulnerabilities, considerations for operational technology (OT), and the economics of implementing secure by design principles. The agency is interested in understanding the necessary changes for software manufacturers, especially smaller ones, to build and maintain secure software.

Additionally, CISA is exploring the role of education in promoting foundational security knowledge, evaluating security skills during hiring, and addressing recurring vulnerabilities through programs like CVE and CWE. CISA Director Jen Easterly emphasizes the importance of incorporating a wide range of perspectives to drive the secure by design campaign forward. The RFI responses will contribute to defining the path ahead, aligning with the President’s National Cybersecurity Strategy’s call for a shift in responsibility for security from customers to software manufacturers.

The guidance, jointly sealed by 18 U.S. and international agencies, encourages software manufacturers to build products that reduce the cybersecurity burden on customers. CISA also recently launched Secure by Design Alerts highlighting real-world harms resulting from technology products lacking secure design. CISA, along with its partners, invites technology manufacturers and stakeholders to review the RFI and provide written comments by February 20, 2024. The feedback received will inform future iterations of the whitepaper and collaborative efforts with the global community.

This proactive approach aligns with CISA’s role as the nation’s cyber defense agency and national coordinator for critical infrastructure security, leading efforts to understand, manage, and reduce risks to both digital and physical infrastructure essential to Americans. Interested parties can direct questions about the RFI to SecureByDesign@cisa.dhs.gov, and further information about the Secure by Design initiative is available on the CISA webpage.

Reference:
  • CISA Seeks Input on Secure by Design Software in RFI
Tags: Cyber NewsCyber News 2023Cyber RiskCyber threatsCybersecurityCybersecurity and Infrastructure Security AgencyDecember 2023international agenciesRequest for Information
ADVERTISEMENT

Related Posts

Microsoft Pakistan Operations Shut Down

Samsung boosts One UI 8 security

July 9, 2025
Microsoft Pakistan Operations Shut Down

US Gov Cracks Down Aeza Group

July 9, 2025
Microsoft Pakistan Operations Shut Down

Microsoft Pakistan Operations Shut Down

July 9, 2025
AT&T Agrees to $177M Breach Settlement

AT&T Agrees to $177M Breach Settlement

July 8, 2025
AT&T Agrees to $177M Breach Settlement

Alleged Hafnium Hacker Arrested in Italy

July 8, 2025
AT&T Agrees to $177M Breach Settlement

Parrot OS 6.4 Adds New Hacking Tools

July 8, 2025

Latest Alerts

Windows BitLocker Vulnerability Flaw

Anatsa Android Trojan Targets 90K Users

Hackers Use Leaked Shellter License Malware

New Ransomware BERT Targets ESXi Systems

NordDragonScan Malware Steals Windows Data

AMOS Mac Stealer Adds Persistent Backdoor

Subscribe to our newsletter

    Latest Incidents

    Credit Reports Breached And Sold On Dark Web

    Recruiting Software Exposed 26M Resumes

    Norwegian Municipalities Hit by Data Breach

    French Chip Firm Semco Hacked During IPO

    Louis Vuitton Korea Hit By Cyberattack

    Virginia School District Hit By Cyberattack

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial