From Inside Cybersecurity:

Brandon Pugh of the R Street Institute think tank said of the liability and regulatory aspects of the strategy, “I urge the administration and Congress to tread carefully as they contemplate action that could undermine free market principles.”

Pugh said “The strategy currently recommends shifting liability onto manufacturers and software publishers that fail to take precautions to secure their software through legislation that the administration hopes to develop with Congress. This might sound positive in theory, but in practice there would be large challenges and many questions to answer first.