CISA’s Friedman: Managing risks related to unsupported software starts in the ‘data layer’

Managing the risks posed by software that is no longer supported by its manufacturer requires a data-centric approach to address the wide range of software types and open source components, according to the Cybersecurity and Infrastructure Security Agency’s Allan Friedman.

CISA is pushing for “an infrastructure where we have better data around end-of-life and end-of-support” to meet an objective in President Biden’s national cyber strategy, Friedman explained to Inside Cybersecurity.

Friedman, a senior advisor and strategist at CISA, spoke with...