May 14, 2021 | less than a minute read

The Cybersecurity and Infrastructure Security Agency (CISA) releases new cybersecurity resource

Get in touch

Liza Craig

Counsel

Get in touch

Liza Craig

Counsel

A new publication called The Defending Against Software Supply Chain Attacks has been issued by CISA and the National Institute of Standards and Technology (NIST). It provides an overview of software supply chain issues and makes recommendations about how software customers and vendors can identify, assess, and mitigate software supply chain risks. The publication also provides practical guidance associated with the use of the NIST’s Cyber Supply Chain Risk Management (C-SCRM) framework and the Secure Software Development Framework (SSDF).

The publication can be found here: https://www.cisa.gov/publication/software-supply-chain-attacks

A software supply chain attack—such as the recent SolarWinds Orion attack—occurs when a cyber threat actor infiltrates a software vendor’s network and employs malicious code to compromise the software before the vendor sends it to their customers. The compromised software can then further compromise customer data or systems.

us-cert.cisa.gov/...

Entertainment and Media Guide to AI

By Sophie Goossens

Latest Insights

Six Principles and a Consultation - Improving Integrity of Carbon and Nature Credits in the UK

20 Nov, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) releases new cybersecurity resource

Get in touch

Get in touch

Tags

Get in touch

Get in touch

Entertainment and Media Guide to AI

Latest Insights

Six Principles and a Consultation - Improving Integrity of Carbon and Nature Credits in the UK

What will be the fate of issues of importance to radiologists in President Trump's second administration?

But I Didn't Mean To! Court Sanctions for Failure to Preserve ESI Even Absent Intent to Deprive Other Parties

Adapting office spaces for a new era: Trends in UK regional lettings