Acting CISA director Brandon Wales, says that the government will be establishing new security standards for providers of its IT in the coming weeks. Those rules might require vulnerability disclosure policies that encourage security researchers to find and report weaknesses in their products, as CISA currently requires of federal agencies.
Tech industry leaders are hoping for changes from the previous administration’s effort to restrict technology from “foreign adversaries,” leaving the definition of that up to a new implementing rule from the Secretary of Commerce. The Information Technology Industry Council said that “the scope and breadth of this rule remains impossibly broad and raises significant due process concerns.”
Source:
