The Software & Information Industry Association (SIIA) has responded to the Cybersecurity and Infrastructure Security Agency’s (CISA) request for information on the white paper, “Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.” SIIA advocates for alignment with the NIST Secure Software Development Framework, emphasizes stakeholder engagement, and encourages feedback from industry-led organizations. SIIA recommends adopting flexible principles over rigid controls for secure-by-design software, promoting government support for standardization, and incorporating vulnerability testing in procurement processes. Overall, SIIA strongly supports the objectives of the white paper while urging a collaborative approach with industry expertise and adherence to established frameworks.