May 13, 2021
Report from CISA and NIST outlines ways to secure software supply chain for organizations, vendors
A new report from CISA and NIST breaks down how companies and their partners can utilize government resources to shore up their security against a software supply chain attack.
The agencies provide an overview of NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF). The report released today is targeted at the information and communications technology sector.
“Organizations acquiring software should consider its use, as with other ICT products and services, in the context...