all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Less talk, more action: High hopes for CISA's C-SCRM software supply chain security office

Add to bookmarks
Feb. 15, 2023, 3:44 p.m. | ericka@chickowski.com (Ericka Chickowski)

ReversingLabs Blog blog.reversinglabs.com




The US Cybersecurity and Infrastructure Security Agency (CISA) is making moves in 2023 to put all of its recent policy and guidance work around software supply chain security into action. Earlier this month, the agency announced a risk management office that is meant to help operationalize a lot of the new and upcoming guidance from CISA and other federal agencies on cyber supply chain risk management (C-SCRM).

action agency cisa c-scrm cyber cybersecurity federal federal agencies guidance high infrastructure infrastructure security making management office policy risk risk management scrm secure software development framework security software software supply chain software supply chain security supply supply chain supply chain risk supply chain risk management supply chain security upcoming work

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

CycloneDX upgraded for the evolving software supply chain security era 1 day, 22 hours ago | blog.reversinglabs.com
ai development appsec & supply chain security bill bills +25
Where GenAI intersects with threat modeling: 3 key benefits for AppSec 3 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +18
OWASP's LLM AI Security & Governance Checklist: 13 action items for your team 4 days ago | blog.reversinglabs.com
action ai security appsec & supply chain security artificial +15
XZ Trojan highlights software supply chain risk posed by 'sock puppets' 1 week, 2 days ago | blog.reversinglabs.com
appsec & supply chain security attacks compression compromise +28
The state of secrets security: 7 steps to better managing risk 1 week, 3 days ago | blog.reversinglabs.com
appsec & supply chain security complexity development epidemic +16
When GenAI and low-code collide: What could go wrong for AppSec? 1 week, 3 days ago | blog.reversinglabs.com
application application security appsec appsec & supply chain security +22
Malicious helpers: VS Code Extensions observed stealing sensitive information 2 weeks, 3 days ago | blog.reversinglabs.com
administrators attacks code daily +20
SBOMs are now essential: Make them actionable to better manage risk 2 weeks, 4 days ago | blog.reversinglabs.com
actionable appsec & supply chain security attack attacks +15
A software supply chain meltdown: What we know about the XZ Trojan 2 weeks, 4 days ago | blog.reversinglabs.com
alarms appsec & supply chain security attack backdoor +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Security Officer Level 1 (L1)

@ NTT DATA | Virginia, United States of America
View on infosec-jobs.com

Alternance - Analyste VOC - Cybersécurité - Île-De-France

@ Sopra Steria | Courbevoie, France
View on infosec-jobs.com

Senior Security Researcher, SIEM

@ Huntress | Remote US or Remote CAN
View on infosec-jobs.com

Cyber Security Engineer Lead

@ ASSYSTEM | Bridgwater, United Kingdom
View on infosec-jobs.com
View more jobs