US Government Bans Insecure Software

By   ISBuzz Team
Writer , Information Security Buzz | Aug 22, 2022 05:13 am PST

It has been announced that the US government is banning insecure software from its procurement process in a bid to improve the country’s cyber security.

Notify of
1 Expert Comment
Oldest Most Voted
Inline Feedbacks
View all comments
Julia O’Toole
Julia O’Toole , Founder and CEO
August 22, 2022 1:15 pm

This is a positive step forward from the US government and it highlights the country’s determination towards a secure digital future.  

The legislation will not only prohibit software that contain vulnerabilities being used by the US government, but it will also encourage manufacturers to employ secure-by-design principles which will introduce significant security improvements.

However, what the US government must realise is that patching vulnerabilities will only address a fraction of the real problem. Yes, vulnerabilities leave holes in networks, but the preferred entry for an attacker is still using stolen employee credentials.

As a result, the US government needs to improve security by implementing encrypted access for all employees. Otherwise, they are leaving a major vulnerability within their systems, and when they do not control network access, they no longer control their data.

By encrypting access, government workers will not know their own credentials, so they can’t be phished or stolen, which provides an important layer of security while firmly closing the door on unauthorised intruders.

Last edited 1 year ago by Julia O’Toole

Recent Posts

Would love your thoughts, please comment.x