In episode 31 of the Cybersecurity Minute, Chris Hughes explains the recent release from the National Security Agency (NSA) of software supply chain security guidance for developers. Chris says this comes in response to many large supply chain organizations falling victim to software compromises.
00:13 – Chris says this NSA guidance is the first of a three-part series with the initial release being on aspects of the developer, and the final two parts focusing on suppliers and customers.
01:04 – The software security guidance for developers lays out the best security practices around architecture and shows them how their software can be targeted by malicious actors.
01:45 – Chris explains that much of the guidance in the NSA release emphasizes the Secure Software Development Framework, which also has plenty of information on secure coding practices and threat modeling.
03:20 – Software cybersecurity is not a new issue but is continuing to gain attention from larger organizations as malicious actors continue to use it as an attack vector.
Want more cybersecurity insights? Subscribe to the Cybersecurity as a Business Enabler channel: