A provision in the National Defense Authorization Act under debate on the Senate floor could have big implications by requiring Defense Department solicitations to include certain software security criteria. Language in the bill would direct the department’s undersecretary for acquisition and sustainment to coordinate with the CIO to “develop requirements for inclusion in solicitations for both commercial and developmental solutions, and for the evaluation of bids, of appropriate software security criteria.” It would include: “delineation of what processes were or will be used for a secure software development lifecycle, including management of supply chain and third-party software sources and component risks; and an associated vulnerability management plan or tools.”
Cybersecurity, Privacy, & AI
Trending Now
Daybreak Is OpenAI’s Answer to the AI Arms Race in Cybersecurity • Cyber Operations Aren’t Slow — Our Thinking Is • ‘No Time to Waste’ in Prepping Governments for AI Cyber Threats, Top Dem Lawmaker Says • ‘Insatiable Appetite’ for AI: Maven Usage Surged for Strikes on Iran, Pentagon AI Chief Says • Navigating Automation, Robotics, AI, and Data in a QMSR-Driven Manufacturing World
Senate Defense Authorization Amendment Looks to Advance More Secure Software Procurement
Gorodenkoff | Shutterstock
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.