In August, the US Cybersecurity and Infrastructure Security Agency (CISA) published, for public comment, a draft of updated guidance that builds on NTIA’s 2021 The Minimum Elements for a Software Bill of Materials. In the four years since that document's original publication, the SBOM landscape has changed dramatically. What began as a recommended best practice is now a foundational component of global cybersecurity policy. Legislative frameworks like OMB M-22-18, Executive Order 14028, and the National Cyber Strategy underscore the critical role SBOMs play in procurement security, compliance, and operational resilience.
*** This is a Security Bloggers Network syndicated blog from 2024 Sonatype Blog authored by Tom Tapley. Read the original post at: https://www.sonatype.com/blog/what-federal-agencies-need-to-know-about-cisas-2025-sbom-minimum-elements