The White House is planning an executive order that will demand more of the government’s software suppliers, but there won’t be any binding requirements for at least six months, an official working on the order said.
“I think you're looking at six months to a year depending upon the criticality of the software before you'll see anything binding. So there will be an opportunity to adjust to anything that's out there,” said Jeff Greene, acting senior director for cybersecurity at the National Security Council.
Greene spoke during a Wednesday event hosted by the Cybersecurity Coalition—and industry group of information technology, telecommunications and cybersecurity companies. Before joining the NSC last month, he was vice president of global government affairs and policy at Symantec and was director of the National Institute of Standards and Technology’s Cybersecurity Center of Excellence, which partners with the private sector.
The executive order is not meant to address every cybersecurity issue but will be a response to recent widespread hacks and, as a result, focus especially on software, Greene said.
Read more at: Nextgov