Back to all

Whoa… NIST does something that’s actually consumer/ business friendly?

security logo

Today the National Institute of Standards and Technology (“NIST”) announced that it’s seeking public comment on a voluntary labeling program for software with security features. The initiative is meant to help software shoppers understand the security features of products they’re buying.

As a starting point, NIST published a document, formally titled Draft Baseline Criteria for Consumer Software Cybersecurity Labeling. Interested parties can provide comments to the draft up until Dec. 16, 2021 (by email to labeling-eo@nist.gov) or the project’s website).

The guidance / project is part of NIST’s response to President Biden’s May 12, 2021, Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity. The EO specifies that NIST “shall identify secure software development practices or criteria for a consumer software labeling program” (in other words, criteria that reflect a baseline level of cybersecurity and that focus on ease of use for consumers).

Now let’s just hope we won’t need a new standards document to interpret the labels themselves.

Selected resources:

NIST announcementhttps://www.nist.gov/news-events/news/2021/11/nist-seeks-public-input-consumer-software-labeling-cybersecurity
Selected resources

You might also enjoy

Foundry Legal is a law practice.  We primarily focus on data privacy, emerging technology companies and social impact organizations, and capital formation through private securities offerings and strategic investments/acquisitions. 

Occasionally we will find an issue that really, really goes against something we stand for and when that happens we won’t hestitate to get involved.  

The firm serves clients across a range of industries, including new agriculture, financial institutions, aerospace, and professional services.  We are in Denver, Colorado.  Other stuff about us

Other Thoughts on Things
blockchain

Blockchain and Fintech

At the intersection of governance, data security, payments and financial services, and securities regulation lies the blockchain industry. Luckily for our clients, these topics are

Foundry Legal May 11, 2018
compliance

Privacy and Data Security

As the regulation of how businesses use, store, and transmit data becomes more complex, companies and executives must navigate between state-specific and industry-level privacy and

Foundry Legal May 23, 2018
commercial contracts

Founder Disputes & Business Divorces

One of the most overlooked and under-appreciated aspect of starting a business with other people is the human relationship. Like in any partnership, there is

Foundry Legal June 1, 2018