CISA announces open source software security roadmap

Image via Unsplash

The Cybersecurity and Infrastructure Security Agency (CISA) published the Open Source Software Security Roadmap that articulates how the agency will enable the secure usage of open source software within the federal government and support a healthy, secure and sustainable global open source software ecosystem.

The roadmap lays out four goals with supporting objectives to be implemented Fiscal Year 2024-2026:

Goal 1: Establish CISA’s Role in Supporting the Security of Open Source Software
Goal 2: Drive Visibility into Open Source Software Usage and Risks
Goal 3: Reduce Risks to the Federal Government
Goal 4: Harden the Open Source Software Ecosystem

Open source software allows anyone to access, modify, and distribute source code, which can lead to greater collaboration and higher-quality code. By making code more readily available for reuse, open source software can help spur and fast track innovation. At the same time, open source software can be a target for supply chain attacks and latent vulnerabilities — much like in proprietary software — can have significant consequences. One study found that open source software was present in 96% of studied codebases across various sectors.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.