NIST Combines IT Supply Chain Safety Ideas In Draft Report

NIST Combines IT Supply Chain Safety Ideas In Draft Report - top government contractors - best government contracting event
Site: ICE.gov

The National Institute of Standards and Technology has issued the second draft of its federal information technology supply chain risk management report, GCN reports.

NIST outlined 10 practices agencies should exercise in order to minimize risks in IT supply chain systems, GCN’s William Jackson writes.

The list consolidates 21 practices included in the original draft from 2010 and intends to outline commercially-applicable and repeatable practices, Jackson said. 

According to the report, supply chain security is included in cybersecurity practices since it includes equipment and software that can be compromised and allow for adversaries to gain access to systems later.

This is a result of increasingly sophisticated attack types and the growing global supply chain, NIST indicates.

Federal agencies should identify the elements, processes and actors in supply chains to protect information and communication technology products and services, the agency said.

NIST suggested limiting supply chain data within the agency, regular supply chain management training and reviews, and the creation of supply chain policies.

The agency is accepting comments on the draft through May 25.

You may also be interested in...

Red Hat's David Egts: Open-Source Training, “˜Sense of Mission' Could Help Agencies Address Cyber Skills Gap - top government contractors - best government contracting event

Red Hat's David Egts: Open-Source Training, “˜Sense of Mission' Could Help Agencies Address Cyber Skills Gap

David Egts, chief technologist for Red Hat's North American public sector, has said there are several options …

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication - top government contractors - best government contracting event

HHS, Industry Aim to Help Health Organizations Mitigate Cyber Threats With New Publication

The Department of Health and Human Services has released a four-volume document that outlines 10 …

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019 - top government contractors - best government contracting event

Cloud-Based Identity Tools, Mobile Device-Based Authentication Among Cyber Market Trends to Watch in 2019

Some of the trends in the cybersecurity market to watch in 2019 include the availability …