DHS’ CISA published a request for feedback on a self-attestation form that vendors can use to show compliance with secure software development practices when providing services to federal agencies.
The request is a task assigned to CISA under the September 14, 2022 OMB Memo on enhancing software supply chain security. The deadline for feedback is June 26, and comments are requested on various aspects of the proposed collection of information. The actual form is 10 pages and includes basic company and product information, secure software development practices, and a required signature from a company CEO or designee. Agencies are expected to start collecting attestation forms from vendors in June 2023.
April 28, 2023
The House Committee on Homeland Security’s Subcommittee on Cybersecurity and Infrastructure Protection discussed the state of U.S. cybersecurity from the perspective of the Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly. Listen here to Jen’s opening remarks along with both Chair Andrew Garbarino (R-NY) and Ranking Member Eric Swalwell (D-CA) touting the bipartisan work of the agency.
NERC NEWS: Transformational Vision Remains Strong Across ERO Enterprise
Read the Full Article Here; the challenges and opportunities facing the electric utility industry
LATEST BLOG: Why NERC CIP is Important to our National Cybersecurity Strategy
Read full Blog here; how and why the NERC CIP standards help to ensure the electric power grid remains secure and reliable.
NP News Updates:
Introducing Next-Gen Access Rules and Object Groups Tables
With the latest upgrades to our Access Rules and Object Groups table reports, Rule Review in NP-View has been supercharged. See twice as many rows and cells at one time as before, significantly increasing the context with which your organization can understand your ruleset, and decreasing the time it takes to analyze your network.
We are also proud to announce that default Conditional Formatting has been included in the upgraded tables. Using the power of color to highlight and bring attention to what’s most important right away, your organization can identify risky rules faster than ever before.
Our upgraded tables pack an additional set of new and improved capabilities, stay tuned for the next announcement!
→ENGAGEMENTS & PARTNERSHIPS
Network Perception is proud to announce our participation alongside other esteemed companies in ETHOS (Emerging THreat Open Sharing), an open-source, vendor-agnostic tech platform for sharing threat info across industries with peers and governments, to combat cyberthreats.
In Part 2, our panelists will cover the essential preparation and performance elements required for meeting CIP-003-9 Standard Requirements, along with key considerations for cybersecurity that should be taken into account.