Yeah I just noticed (see my other comment). But I still think the paper is weirdly unbalanced and divorced from the realities of software development.
I think current events show the urgency around cybersecurity in the government. But it sounds more research-oriented, whereas I would expect it to be more about accelerating current practice (and also debunking technologies like Docker, which are sloppy with regard to security).
Maybe I'm misunderstanding the purpose of this paper though.
It seems to me to be a bit of a guideline or general list of thinks to be aware of when devleoping. It's fairly short, at least compared to many government reports, so it can be digested quickly and put in the ole' toolbox.
I think current events show the urgency around cybersecurity in the government. But it sounds more research-oriented, whereas I would expect it to be more about accelerating current practice (and also debunking technologies like Docker, which are sloppy with regard to security).
Maybe I'm misunderstanding the purpose of this paper though.