NIST Releases 'Critical Software' Definition for US Agencies
Healthcare Info Security
The National Institute of Standards and Technology has published its definition of what "critical software" means for the U.S. federal government, as the standards agency begins fulfilling some of the requirements laid out in President Joe Biden's executive order on cybersecurity.
As part of Biden's executive order published on May 12, federal agencies are now required to reexamine their approach to cybersecurity, which includes developing new ways to evaluate the software that departments buy and deploy as well as embracing modern approaches to security such as embracing "zero trust" and using multifactor authentication and encryption (see: Biden's Cybersecurity Executive Order: 4 Key Takeaways).
As one of the first deliverables to...