When do you think we'll see more standards introduced for code signing?

Security Strategy & Roadmap Secure Code & Automation (DevSecOps)

Within the next 6 months28%

Within the next 7-12 months52%

Within the next 1-2 years18%

I have no idea1%

138 PARTICIPANTS

1.6k views3 Comments

Sort by:

President and National Managing Principal in Software2 years ago

I wish I really knew. I feel like standards for assessing the certificate management side of Code Signing (i.e. WebTrust) have been around for sometime and are not used as much as they could be. I'd be up for other standards, but the integrity of code has never been more important IMO.

CISO in Software2 years ago

I would love to hear from the community on where/what forum they think these standards will appear or should reside in?

Head of Cyber Security in Manufacturing2 years ago

Aviation is quite strong on it, with the topics around: ED-202, ED-203, ED-204, Part-IS and a few more.

With high probability in Europe with the introduction of Cyber Resiliency Act i hope too see further adoption of code signing.

Content you might like

How often do you survey your organization for new, emerging risks? My company currently does quarterly surveys and I am contemplating dropping it down to 2x/year. Appreciate the insights!

Cybersecurity expertise in corporate boardrooms is long overdue.

Strongly agree26%

Agree64%

Neutral8%

Disagree

Strongly disagree

View Results

Do you use tabletop exercises to practice your incident response plans?

Yes47%

We are currently considering incident response partners.36%

No, but I expect that may change.12%

No, and I don’t expect that to change.3%

View Results

What are your preferred tactics for building effective collaboration on cross-functional teams involved in AI governance and risk management (e.g., joint steering committees, shared KPIs, etc.)? Which roles are currently involved?