The US Cybersecurity and Infrastructure Security Agency (CISA) has published a request for comment on its draft Product Security Bad Practices guidance. This upcoming guidance, developed as part of CISA’s Secure by Design initiative, will provide an overview of product security practices deemed exceptionally risky, particularly for organizations supporting critical national infrastructure (CNI) or national critical functions (NCFs).

Source: Infosecurity Magazine – Information Security & IT Security