all InfoSec news
How NIST CSF 2.0 and C-SCRM help manage software supply chain risk
ReversingLabs Blog blog.reversinglabs.com
The U.S. National Institute of Standards and Technology (NIST) released the first version of its Cybersecurity Framework (PDF) in 2014. It was originally designed for use by the U.S.'s critical infrastructure sectors to help them better manage cybersecurity threats. As for the enterprises and small businesses that make up the bulk of the U.S. economy? NIST's CSF had less to say about their needs.
appsec & supply chain security businesses critical critical infrastructure critical infrastructure sectors c-scrm csf csf 2.0 cybersecurity cybersecurity threats enterprises framework infrastructure manage national nist nist csf nist csf 2.0 pdf risk scrm sectors small businesses software software supply chain software supply chain risk standards supply supply chain supply chain risk technology threats version