What you need to know: NIST updates on software supply chain cybersecurity & proposed landmark US legislation

In recent weeks, NIST has released new documents as part of the plan set out by President Biden’s Executive Order on Improving the Nation’s Cybersecurity. These documents focus on the security and integrity of the software supply chain and include Software Supply Chain Security Guidance and Special Publication 800-218, Secure Software Development Framework (SSDF).

Additionally, leaders of the U.S. Senate Homeland Security and Governmental Affairs Committee recently introduced the Strengthening American Cybersecurity Act. The act consolidates several previously proposed bills and is designed to “provide the Cybersecurity and Infrastructure Security Agency with the information and tools needed to warn of potential cybersecurity threats to critical infrastructure, prepare for widespread impacts, coordinate the government’s efforts,” as well as, “significantly bolster and modernize federal cybersecurity as new, serious software vulnerabilities continue to be discovered, such as the one in Log4j…and ensure that agencies can procure cloud-based technology quickly, while ensuring these systems, and the information they store, are secure.”

In this webinar, we cover:

  • The NIST Software Supply Chain Security Guidance
  • The NIST Secure Software Development Framework (SSDF)
  • The Proposed Strengthening American Cybersecurity Act
  • Best practices for improving your Supply Chain Software Security
  • How to adapt your TPRM program to new NIST guidance

On-demand webinar coming soon...

You may also like


Third-Party Risk

5 Ways to save time when assessing third parties for privacy and security risks webinar

Join our webinar and learn how to save time and streamline third-party risk assessment throughout the TPRM lifecycle.

October 25, 2023

Learn more


Third-Party Risk

Live demo: Building your third-party risk management program with OneTrust

Explore how OneTrust can help you build an efficient third-party risk management program that streamlines manual processes and uncovers hidden risks.

September 28, 2023

Learn more


Technology Risk & Compliance

Prioritizing the right InfoSec frameworks for your organization

In this free eBook, we explore the basics of three top InfoSec frameworks and how to decide which is the best fit for your organization.

September 27, 2023

Learn more