Cyber-Supply Chain Risk Management (C-SCRM)

NIST gives agencies new guidance to prepare for next SolarWinds-like hack

by • 2 weeks ago

During the 2020 SolarWinds hack, bad actors were able to access thousands of networks inside and outside government.

Agencies underscore software vulnerabilities in supply chain assessments

by • 3 months ago

The pandemic revealed an overreliance on software developers with opaque supply chains and a high risk of "cascading effects" should their products be compromised.

DHS wants to know how cyber-hygiene contract clauses are affecting vendors

by • 3 months ago

A sample of vendors will soon receive a questionnaire from the agency.