The White House Office of the National Cyber Director (ONCD) has urged the largest players in emerging technologies to adopt safer programming languages.
The advice was released as part of a new report titled “Back to the Building Blocks: A Path Toward Secure and Measurable Software.”
The ONCD stated, “method manufacturers can use to reduce memory safety vulnerabilities is to secure one of the building blocks of cyberspace: the programming language. Using memory-safe programming languages can eliminate most memory safety errors.”
What is the Office of the National Cyber Director (ONCD)?
The ONCD advises the President of the United States on matters of cybersecurity policy, and strategy and highlights any concerns in this space. The security entity spans all U.S. government departments, private companies, and international partners to coordinate federal cybersecurity policy.
“The challenge of eliminating entire classes of software vulnerabilities is an urgent and complex problem,” The new report would state.
“It is a path that requires the convergence of government initiative, private sector innovation, and groundbreaking academic research. Working together to proactively eliminate software vulnerabilities alleviates the burden from those least equipped to bear it, and empowers front-line cyber defenders to look forward. Defining high-quality cybersecurity realigns incentives and provides confidence in what cyberspace can be.”
The Biden-Harris Administration has received recognition from industry leaders for this decision to reaffirm the vulnerabilities that must be considered in lockstep with technological advancements.
The ONCD would post on the official X page about the clamor of support from members of academia and the private sector about the White House’s direction:
In support of our report calling for a memory safe future, we have received an incredible response with statements of support from a variety of companies, academic experts, and leaders in civil society. Join us!
— Office of the National Cyber Director (@ONCD) February 26, 2024
Fidelma Russo, Executive Vice President and General Manager, Hybrid Cloud and Chief Technology Officer at Hewlett Packard Enterprise said, “we commend Director Coker and the Administration for this initiative, which is an important response to the ever-evolving cyber threat landscape. Memory-safe computing prevents vulnerabilities before they can be exploited by threat actors, and will be a new internal standard at HPE for cloud-native development.”
Professor of Computer Science at Stanford University, Dan Boneh commented that the “White House is taking a pragmatic approach, and is proposing to start this conversion with critical space systems, which is a good testing ground for the proposed approach. Preventing memory safety bugs is only the beginning of a long journey towards more secure software.”
“We, as a nation, have the ability – and the responsibility – to reduce the attack surface in cyberspace and prevent entire classes of security bugs from entering the digital ecosystem but that means we need to tackle the hard problem of moving to memory-safe programming languages,” National Cyber Director Harry Coker would say.
Featured image: Pexels