Nextgov: CISA Official Promotes an Emerging Cybersecurity Role in Wake of New Executive Order

“Recent attacks highlighting the foundational role of software in critical services—a dynamic encapsulated by the term ‘infrastructure is code’—are boosting calls for a new cybersecurity workforce component: a chief product security officer.

‘Many of these safety physical and safety critical product lines and highly regulated lines like medical device makers, and industrial environments have already been adding, whether it’s a chief product officer or a head of product security that is often peer to or even the superior to the [chief information security officer] who’s doing more enterprise security or operational risk management,’ said Senior Cybersecurity and Infrastructure Security Agency Advisor Josh Corman….”

“The rise of the CPSO is due in part ‘because the software failure has been growing in volume, variety and impact,’ Corman said. ‘I didn’t think I’d ever be saying this but we are in fact seeing national security-level cybersecurity failures from a series of accidents and adversaries and nation-states and regulators of course domestically, internationally and in the private sector are taking notice and taking action.’…”

“Corman said secure software engineering knowledge would be really important for the CPSO but that their activities could also involve threat modeling and a focus on security architecture pre-development, more penetration testing and coordinated vulnerability disclosure programs, [product security incident response] and risk management.

‘We hope that you start your journey,’ he said. ‘Whether you’re going to become a chief product security officer, you’re gonna work with one or you’re really gonna perform a subset of those functions. The increased regulatory scrutiny, the increased market demand gives you the opportunity to maybe redefine and forge another career path than you’ve had thus far. We’re in the face of significant turbulent technological changes, and these may be either threats to your old program or maybe even opportunities for you to insert and uplevel your game.’…” Read the full article here.

Source: CISA Official Promotes an Emerging Cybersecurity Role in Wake of New Executive Order – By Mariam Baksh, May 21, 2021. Nextgov.

0
Tags:

This topic contains 0 replies, has 1 voice, and was last updated by  Jackie Gilbert 5 months ago.

  • Author
    Posts
  • #128023

    Replies viewable by members only

    0

You must be logged in to reply to this topic.

CONTACT US

Questions?. Send us an email and we'll get back to you, asap.

Sending

©2021 MileMarker10, LLC all rights reserved | Community and Member Guidelines | Privacy Policy | About G2Xchange FedCiv

Opportunities. Starting Points.

About our Data

The Vault is a listing of expiring contracts, task orders, etc. within a certain set of parameters, to include:

  • Have an initial total estimated contract value of $10 million or above
  • Federal Civilian Only – DHS, Transportation, Justice, Labor, Interior, Commerce, Energy, State, and Treasury Actions
  • NAICS codes include: 511210, 518210, 519130, 519190, 541511,
    541512, 
    541513, 541519, 541611, 541618,
    541690, 541720, 541990
  • Were modified within the last 12 calendar months
  • The data represented is based on information provided by the government

Who has access? Please note that ALL G2Xchange FedCiv Members will receive access to all basic and much of the advanced data. G2Xchange FedCiv Corporate Members will receive access to ALL Vault content (basic and advanced).

Feedback/Suggestions? Contact us at Vault@G2Xchange.com and let us know what you think. 

G2Xchange FedCiv

Log in with your credentials for G2Xchange FedCiv

Forgot your details?