In this Cybersecurity Minute, Episode 31, Chris Hughes explains recent legislation introduced by Senate lawmakers that would enhance open-source software security.
00:14 – Recently, Senate lawmakers introduced a bill under which CISA (Cybersecurity and Infrastructure Security Agency) would develop a risk framework to strengthen the security of open-source software, Chris says.
00:28 – Chris says it is clear that the Securing Open Source Software Act, as the bill is called, emphasizes how critical open-source software is to national security and society, but it “comes on the heels” of other efforts to secure the software supply chain, like the updated guidance coming from NIST and memos from the Office of Management and Budget (OMB).
01:11 – Chris says the bill calls on CISA to hire open-source software experts who can address incidents within the cybersecurity ecosystem. The bill also proposes to establish a software security subcommittee in addition to CISA’s cybersecurity advisory committee.