The American National Standards Institute (ANSI) encourages its stakeholders to respond to the U.S. Department of Commerce's National Institute of Standards and Technology (NIST) request for submissions on suggestions and feedback on the challenges and practical approaches to consumer software labeling. Responses, due by August 17, will help NIST to carry out one of its multiple assignments in Executive Order (EO) 14028, Improving the Nation’s Cybersecurity.
Part of the May 2021 EO directs NIST to initiate two labeling efforts – informed by existing consumer product labeling programs – to educate the public on the cybersecurity capabilities of Internet-of-Things (IoT) devices and software development practices.
NIST specifically requests one- to two-page submissions providing suggestions and feedback on the challenges and practical approaches to consumer software labeling, especially:
Stakeholders are invited to respond to the call for papers, comment on a forthcoming draft white paper, and participate in a virtual NIST workshop to be held on September 14–15, 2021, 11:00 a.m. – 4:00 p.m. ET, which will include panel discussions and presentations based on submissions.
Recent Efforts to Support Cybersecurity
In July 2021, as part of its response to meet criteria in the EO to support cybersecurity efforts, NIST published a definition of "critical software" and published comments received in response to its Enhancing Software Supply Chain Security: Workshop and Call for Position Papers on Standards and Guidelines.
Access related news: