An industry perspective on CISA's latest plan to get more software security assurances from vendors

Summary: Starting sometime next year, companies that want to sell software to the government will need to sign new attestations – certifying that they have taken certain steps to make sure their software is secure. Earlier this month, the Cybersecurity and Infrastructure Security Agency released its latest draft of the form companies will need to submit. One of the biggest changes is the attestations will have to be signed by a company’s CEO. But there are several other updates, too. For more about them and get an industry perspective, Federal News Network Deputy Editor Jared Serbu talked with Leopold Wildenauer, the Senior Manager for Public Sector Policy at the Information Technology Industry Council. Learn more about your ad choices. Visit megaphone.fm/adchoices