The Cybersecurity and Infrastructure Security Agency, together with the FBI and the Australian Cyber Security Centre, has developed guidance to help software manufacturers and service providers deliver secure products and maintain safe deployment processes.
Titled “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers,” the 12-page guidance issued on Thursday can help the software industry provide customer security and service reliability when introducing new product features, CISA said.
The guide provides key considerations in the six phases vital to safe software deployment, including planning, development, internal rollout, testing, customer trial and feedback. The guidance also offers pointers for creating playbooks on efficient and resilient software deployment to ensure that the safety steps taken are well-documented for future reference or use.
To develop the playbooks, the guide suggests the inclusion of emergency protocols to address the issues and concerns following software deployment. Incident detection and reporting, as well as recovery and rollback procedures, are among the emergency protocols that the guidance recommends.
On the consumer front, CISA and the FBI recently released for public comment the Product Security Bad Practices catalog, which also provides recommendations on how to build secure software.