United States of America: NIST publishes definition for "critical software"
Description
NIST publishes definition for "critical software"
The National Institute of Standards and Technology (NIST) defines "critical software", as requested in May 2021 via the Executive Order on Improving the Nation's Cybersecurity (EO 14028). Per the Executive Order, the software products classified as …
Scope
Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
software provider: other software
Implementation Level
national
Government Branch
executive
Government Body
other regulatory body
Key regulatory dimensions
Regulated subjects
The businesses, government agencies or individuals affected by this policy or regulatory change.
producer / supplier
1
Type
Private organisation
Economic activity
software provider: other software
Category
All
Policy change by business practice
The detailed activities within the scope of this policy or regulatory change.
government data (all forms): storage (any form)
Regulatory tool
Creation of other oversight body
Preventive security requirement
Responsive security requirement
Sanctions
Regulated subjects
1
corporate data (all forms): storage (any form)
Regulatory tool
Creation of other oversight body
Preventive security requirement
Responsive security requirement
Sanctions
Regulated subjects
1