Legislation advances for open-source security infrastructure

The House Homeland Security Committee has advanced legislation aimed at protecting the federal government and vital infrastructure by securely accessing open-source software. It requires the Cybersecurity and Infrastructure Security Agency (CISA) to create a risk strategy that outlines how the federal government may rely on open-source code.

The proposed legislation directs CISA to create a risk framework for federal government usage of open-source software, as well as to hire a dedicated staff of open-source security experts and engineers to strengthen the code’s protection against any future digital threats.

This proposal, which parallels a bill passed by the Senate Homeland Security Committee in March, is in reaction to a security weakness discovered last year in Log4j, a widely used open-source code. According to CISA estimates, the intrusion affected a large number of devices worldwide.

In addition, the committee adopted another measure that directs CISA to develop a program to give cybersecurity training to Homeland Security Department personnel who are not already employed in such jobs. The measure also requests that the Department of Homeland Security’s (DHS) undersecretary for management assist in the recruitment and identification of prospective personnel for this program.

Meanwhile, the Senate Homeland Security Committee advanced cybersecurity legislation by passing a bipartisan bill requiring CISA to provide commercial satellite owners and operators with information and resources to strengthen defenses against cyberattacks, particularly from hostile nation states.

The sources for this piece include an article in TheRecord.

IT World Canada Staff
IT World Canada Staff
The online resource for Canadian Information Technology professionals.

Would you recommend this article?


Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.

Jim Love, Chief Content Officer, IT World Canada

Featured Download

ITW in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

More Best of The Web