Inside Cybersecurity

May 13, 2021

Daily News

Report from CISA and NIST outlines ways to secure software supply chain for organizations, vendors

By Sara Friedman / April 26, 2021

A new report from CISA and NIST breaks down how companies and their partners can utilize government resources to shore up their security against a software supply chain attack.

The agencies provide an overview of NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF). The report released today is targeted at the information and communications technology sector.

“Organizations acquiring software should consider its use, as with other ICT products and services, in the context...


Log in to access this content.


Not a subscriber? Sign up for 30 days free access to exclusive news and analysis on cybersecurity regulations and more.