U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.


Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.


  1. Home
  2. News
  3. Speeches

Was this page helpful?

Remarks by U.S. Commerce Secretary Gina M. Raimondo at the White House Open-Source Software Security Summit


Thank you, Anne, for inviting me to join you this afternoon.

I appreciate everyone’s willingness to come together to discuss the importance of open-source software security.

At the Commerce Department, we understand that we need to get this right. And that means working together with all of you in the private sector.

I was pleased to attend the White House Cybersecurity Summit last August. And I remember the tech leaders there speaking about the challenges they are facing when it comes to open-source software.

At that event, I announced a new effort from the National Institute of Standards and Technology, NIST, on technology supply chain security. This initiative includes developing best practices and new tools to secure open-source software.

I’m excited to hear the ideas you have come up with during today’s discussions.

Of course, commitments must be backed up by action.

For my part, I can tell you that NIST is ready, willing, and able to seriously consider and follow up on the actions that you have identified.

As you know from this morning’s presentation, NIST is driving major efforts – working in partnership with industry – to address the security of software and the broader supply chain.

NIST intends to soon release a Request for Information asking stakeholders – people like you – how it can improve its cybersecurity efforts. This will help ensure that NIST is partnering effectively with both the private and public sectors on cybersecurity, including open-source software.

If you have specific asks for NIST’s assistance, please share them through the Request for Information, or directly.

I’ll be tracking how today’s discussions lead to meaningful improvements in open-source software security. This is a priority for us at Commerce.

Thank you in advance for your efforts. Let’s get to work!