I am a member of Revenera’s OSPO and cybersecurity teams, and I wanted to make everyone aware that the National Cybersecurity Strategy (https://lnkd.in/gB9Su3mk) was published on March 2nd. Lots of collaboration between the public and private sector went into this strategy and it is a very significant milestone in the ultimate goal of improving the nation's cybersecurity.
Whether your organization is a software and/or a software buyer, this is worth following for future developments as new legislation follows the strategy.
Here's a few of my initial thoughts:
It is great to see references to the importance of SBOMs
Make sure your security controls are periodically assessed for conformance with emerging risks as these regulations further evolve
Make sure your OSPO and Cybersecurity teams are discussing alignment to mitigate potential product liability problems in the near future
