in

NIST Combines IT Supply Chain Safety Ideas In Draft Report

NIST Combines IT Supply Chain Safety Ideas In Draft Report - top government contractors - best government contracting event
Site: ICE.gov

The National Institute of Standards and Technology has issued the second draft of its federal information technology supply chain risk management report, GCN reports.

NIST outlined 10 practices agencies should exercise in order to minimize risks in IT supply chain systems, GCN’s William Jackson writes.

The list consolidates 21 practices included in the original draft from 2010 and intends to outline commercially-applicable and repeatable practices, Jackson said. 

According to the report, supply chain security is included in cybersecurity practices since it includes equipment and software that can be compromised and allow for adversaries to gain access to systems later.

This is a result of increasingly sophisticated attack types and the growing global supply chain, NIST indicates.

Federal agencies should identify the elements, processes and actors in supply chains to protect information and communication technology products and services, the agency said.

NIST suggested limiting supply chain data within the agency, regular supply chain management training and reviews, and the creation of supply chain policies.

The agency is accepting comments on the draft through May 25.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

General Dynamics Opening Fort Bliss Tech Center; Chris Marzilli Comments - top government contractors - best government contracting event

General Dynamics Opening Fort Bliss Tech Center; Chris Marzilli Comments

Marines Considering Small UAS That Explodes On Impact