all InfoSec news
Less talk, more action: High hopes for CISA’s C-SCRM software supply chain security office
Security Boulevard securityboulevard.com
The US Cybersecurity and Infrastructure Security Agency (CISA) is making moves in 2023 to put all of its recent policy and guidance work around software supply chain security into action. Earlier this month, the agency announced a risk management office that is meant to help operationalize a lot of the new and upcoming guidance from CISA and other federal agencies on cyber supply chain risk management (C-SCRM).
The post Less talk, more action: High hopes for CISA’s C-SCRM software supply …
action agency cisa c-scrm cyber cybersecurity federal federal agencies guidance high infrastructure infrastructure security making management office policy risk risk management scrm secure software development framework security software software supply chain software supply chain security supply supply chain supply chain risk supply chain risk management supply chain security upcoming work