Supply Chain Council of European Union | Scceu.org
News

Software Supply Chain Security Guidance

Software is a critical component of the larger challenge of managing cybersecurity related to supply chains. Section 4 of the EO directs NIST to solicit input from the private sector, academia, government agencies, and others and to identify existing or develop new standards, tools, best practices, and other guidelines to enhance software supply chain security. Those guidelines are to include: 

  • criteria to evaluate software security,  
  • criteria to evaluate the security practices of the developers and suppliers themselves, and 
  • innovative tools or methods to demonstrate conformance with secure practices. 

Based on more than 150 responses to a call for position papers, multiple workshops, and responses to draft documents, NIST has produced a series of guidance resources.
 

NIST Tasks and Timeline for EO 14028 Section 4

Related posts

Supply Chain Consulting: A Brief Summary of What is Important!

scceu

[Webinar] The pharma supply chain after Covid-19

scceu

The Future Of The Pharmaceutical Supply Chain

scceu