Defense groups seek closer alignment in CISA self-attestation common form with NIST secure software framework

By Sara Friedman / July 6, 2023 at 10:46 AM
Two large defense contractor associations see a disconnect between the Cybersecurity and Infrastructure Security Agency's draft common form for self-attesting the security of software from contractors and the document behind the upcoming new policy, the NIST Secure Software Development Framework. CISA released a draft of the common form for comment in April. It's intended to make federal contractors raise the bar for the security of their software by making them self-attest their compliance with the SSDF. However, the two defense...

Not a subscriber? Sign up for 30 days free access to exclusive, behind-the-scenes reporting on defense policy and procurement.

Log in to access this content.