When it comes to security, all software is ‘critical’ software

Open standards will have a huge impact on driving innovation in banking. Learn the status in the U.S. – and the bold new opportunities open standards are set to usher in.

Defining critical software has become a more complex task in recent years, as both tech professionals and government officials aim to contain or diminish the impact of cybersecurity breaches that are more difficult to label. The lines of definition have blurred beyond recognition, as all software platforms are hackable and threat actors are motivated by a slew of financial, geopolitical, or ideological agendas. Cyberattacks are undoubtedly part of the national security conversation, as more potent threats emanate from nations unfriendly to the United States.

As a partial response to this growing number of attacks, the White House released an executive order on May 12, 2021 to help improve the United States’ posture on cybersecurity. The order mandated that the National Institute of Standards and Technology (NIST) provide a definition for what should be considered “critical software.” On June 24, NIST released its definition, which will help both government and industry better understand where to focus and how to ramp up their efforts in securing software.

According to NIST, “EO-critical software is defined as any software that has, or has direct software dependencies upon, one or more components with at least one of these attributes:

Leave a Comment