The White House is contemplating the use of cybersecurity ratings and standards for U.S. software, a move akin to how New York City grades restaurants on sanitation or Singapore labels internet of things devices, a senior administration official told reporters on Friday. “There will be ideas coming on both of those in an executive action in the next few weeks,” the official said, briefing reporters on the condition of anonymity about simultaneous major security incidents that continue to roil the country: the SolarWinds supply chain attack, and the exploitation of Microsoft Exchange Server vulnerabilities. The concept of government labeling and grading in cybersecurity isn’t entirely new. Some experts have long coveted an Energy Star-style rating system resembling the program that the Environmental Protection Agency and Energy Department use to promote energy-efficient devices. Among them: the Cybersecurity Solarium Commission, which last year recommended that Congress establish a National Cybersecurity Certification and […]
The post Biden administration mulls software security grades after SolarWinds appeared first on CyberScoop.
Continue reading Biden administration mulls software security grades after SolarWinds→