When do you think we'll see more standards introduced for code signing?

Secure Code & Automation (DevSecOps)Risk Management

Within the next 6 months49%

Within the next 7-12 months41%

Within the next 1-2 years8%

I have no idea1%

131 PARTICIPANTS

1.6k views3 Comments

Sort by:

President and National Managing Principal in Software2 years ago

I wish I really knew. I feel like standards for assessing the certificate management side of Code Signing (i.e. WebTrust) have been around for sometime and are not used as much as they could be. I'd be up for other standards, but the integrity of code has never been more important IMO.

CISO in Software2 years ago

I would love to hear from the community on where/what forum they think these standards will appear or should reside in?

Head of Cyber Security in Manufacturing2 years ago

Aviation is quite strong on it, with the topics around: ED-202, ED-203, ED-204, Part-IS and a few more.

With high probability in Europe with the introduction of Cyber Resiliency Act i hope too see further adoption of code signing.

Content you might like

I'm looking to go for the Certified CISO certification & training as I'm an aspiring CISO. Any recommendations and additional certifications that I should be doing along with that? I already have CISSP.

AI deepfakes have cost the industry over $200M this year. As CISOs, can we scale detection fast enough, or is regulatory pressure the only way to drive adoption?

I wanted a point of view on migration from on-prem AD and SCCM to AAD and Intune. Would be great to have a perspective on, - Is there a real need since SCCM is still undersupport from Microsoft? - I understand that we can get rid of onprim AD Infrastructure and move on SaaS, but any other benefits we get by doing this?

Does your organization provide security leaders with any legal training (e.g., CISO liability)?

Yes, it is required19%

Yes, but it is optional54%

It is being discussed16%

No10%

Unsure

View Results