This Risk & Repeat podcast episode discusses the White House's National Cybersecurity Strategy and its proposal to hold technology companies liable for insecure software.
The White House last week published a National Cybersecurity Strategy, the Biden administration's 39-page plan for securing the digital ecosystem.
One of the most notable aspects of the cybersecurity strategy involved the liability of software vendors and their responsibility to create secure software. Strategic Objective 3.3, "Shift Liability for Insecure Software Products and Services," argues that customers and users are often hurt the most by insecure software and that vendors should be held more responsible.
The White House plans to accomplish this by working with Congress and the private sector to develop legislation establishing software liability and creating a "safe harbor framework" so that companies following secure software best practices are protected. This has raised questions about where the line would be for secure software, how vendors will respond in the coming months and how small vendors might be treated differently from tech giants.
Other aspects of the National Cybersecurity Strategy involve the government's aggressive plan for disruption campaigns against ransomware, U.S.- based infrastructure being used for threat activity and the creation of a relief plan to be used in response to a theoretical cyber catastrophe.
TechTarget editors Rob Wright and Alex Culafi discuss the National Cybersecurity Strategy and the challenging task to establish software liability in this episode of the Risk & Repeat podcast.
Alexander Culafi is a writer, journalist and podcaster based in Boston.