Cybersecurity
NTIA’s cybersecurity multistakeholder processes, conducted in an open and transparent manner, contribute to the security of the nation’s Internet architecture. The consensus-based development of market-based cybersecurity solutions and guidance creates a foundation for increasing digital security. Recent processes include:
- Software component transparency -- creating guidance for the use of a “Software Bill of Materials,” which functions as a list of ingredients that make up software components
- Internet of Things security – addressing key aspects of IoT security, including upgradability and patchability of connected devices
- Cybersecurity vulnerability disclosures – increasing collaboration between security researchers and software and system developers and owners
Related content
Secure Internet Routing
By Bob Cannon, Senior Telecommunications Policy Analyst, NTIA
My name is Bob. I am number six.
Do you believe me?
If I were wrong… would you know?
In the 1960s television show “The Prisoner,” retired secret agents are held captive in a place known only as “The Village” and assigned numbers to replace their identities. Protagonist “Number Six” quickly learns that what one claims to be and what one is can be two different things.
Internet routing is a bit like life in The Village. One network whispers to a second that it is number six. The second network then tells two other networks that it can send traffic to number six. And those two networks tell two more networks that they can reach the network that reaches number six. And so on. Networks make routing decisions based on these whispers, following the path back to the network that says it is number six. Sometimes those whispers are right. Sometimes they are wrong. When they are wrong, Internet traffic can go astray.
NTIA Celebrates April as National Supply Chain Integrity Month
This April marks the 6th annual National Supply Chain Integrity Month. NTIA and its Federal partners are pleased to participate in this campaign to raise awareness of the threats to supply chains, the resources available to mitigate such threats, and ways to build resilience to future risks.
This year’s theme is “Supply Chain Risk Management – The Recipe for Resilience.” The “recipe” for improving an organization’s resilience involves several key ingredients:
- Acquisition security,
- Information security,
- Insider threat mitigation, and
- Cybersecurity.
A comprehensive supply chain risk management (SCRM) program allows an organization to better understand its risk profile and where and when to implement mitigations throughout the supply chain lifecycle.