NIST publishes another public draft about cybersecurity supply chain management risk
The US National Institute of Standards and Technology (NIST) issued the second public draft of Special Publication (SP) 800 – cybersecurity supply chain risk management practices for systems and organizations. This publication guides organizations on identifying, assessing, and mitigating cyber supply chain risks at all levels of their organizations. The publication integrates cyber supply chain risk management (C-SCRM) into risk management activities by applying a multi-level, C-SCRM-specific approach. The new version also includes two appendices that focus more specifically on Federal departments and agencies. The deadline for public comments is December 3, 2021.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.