Cyber-Supply Chain Risk Management (C-SCRM)

GSA to set baseline requirements for cloud providers through Ascend

by

Requirements will emphasize Cloud Smart objectives and cybersecurity supply chain risk management while providing agencies an open source experience.

Watchdog finds just two DOJ agencies adhering to supply chain risk requirements

by

The DOJ’s Office of Inspector General carried out an audit of cyber-supply chain risk management compliance across the department.

NIST gives agencies new guidance to prepare for next SolarWinds-like hack

by

During the 2020 SolarWinds hack, bad actors were able to access thousands of networks inside and outside government.

Agencies underscore software vulnerabilities in supply chain assessments

by

The pandemic revealed an overreliance on software developers with opaque supply chains and a high risk of "cascading effects" should their products be compromised.

DHS wants to know how cyber-hygiene contract clauses are affecting vendors

by

A sample of vendors will soon receive a questionnaire from the agency.

TwitterFacebookLinkedInRedditGmail