Cyber Security and the DPG Standard #105

prajectory · 2021-11-30T05:49:48Z

In order for DPGs to have robust "security by design", the DPGA has commissioned expert dialogues and community inputs to implement cyber security tenets in the design stage of the DPG.

There are 3 parts to this:

How to retrofit the standard to meet the basic principles of cyber security by design?
How to think through risk mitigation through robust documentation and audits?
Guiding principles and best practices for product owners to deploy in the designing process of DPGs

jstclair2019 · 2023-02-16T12:58:31Z

Has this expert panel been convened? Happy to add a couple things:

We're still working on the Security Architecture guidance for OpenHIE, so there may be parallels
Specific to Open Source Software Security, the OpenSSF has significant efforts for tooling and training, including free developer courses
The US is pushing for the use of Software Bills of Materials across all industries and should be considered for the DPG Standard.

prajectory added the Community-Discussion-Period label Nov 30, 2021

prajectory self-assigned this Dec 16, 2021

prajectory added next version and removed Community-Discussion-Period labels Dec 16, 2021

prajectory removed the next version label Apr 26, 2022

prajectory added this to Standard Governance Apr 26, 2022

prajectory added the Research label Apr 26, 2022

prajectory moved this to Knowledge in Standard Governance Apr 26, 2022

prajectory added Community inputs and removed Research labels Jan 24, 2023

prajectory moved this from ToDo to Contributions in Standard Governance Jan 24, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Cyber Security and the DPG Standard #105

Cyber Security and the DPG Standard #105

prajectory commented Nov 30, 2021

jstclair2019 commented Feb 16, 2023

Cyber Security and the DPG Standard #105

Cyber Security and the DPG Standard #105

Comments

prajectory commented Nov 30, 2021

jstclair2019 commented Feb 16, 2023