Chris DeRusha, the federal chief information security officer, said the Office of Management and Budget plans to release new guidance intended to help agencies pursue secure software development.
The guidance, scheduled for release within the next eight to 12 weeks, will build on a Secure Software Development Framework and the Software Supply Chain Security Guidance, which the National Institute of Standards and Technology issued last month, Federal News Network reported Thursday.
DeRusha said Wednesday at a NIST-hosted workshop that adopting the framework would foster a culture change in agencies and some vendor organizations.
“This is about incenting the vendor communities that are serving and selling to the U.S. government to start adopting this framework and specifically secure development practices,” stated DeRusha, who is also a 2021 Wash100 Award recipient.