What you need to know: NIST updates on software supply chain cybersecurity & proposed landmark US legislation

In recent weeks, NIST has released new documents as part of the plan set out by President Biden’s Executive Order on Improving the Nation’s Cybersecurity. These documents focus on the security and integrity of the software supply chain and include Software Supply Chain Security Guidance and Special Publication 800-218, Secure Software Development Framework (SSDF).

Additionally, leaders of the U.S. Senate Homeland Security and Governmental Affairs Committee recently introduced the Strengthening American Cybersecurity Act. The act consolidates several previously proposed bills and is designed to “provide the Cybersecurity and Infrastructure Security Agency with the information and tools needed to warn of potential cybersecurity threats to critical infrastructure, prepare for widespread impacts, coordinate the government’s efforts,” as well as, “significantly bolster and modernize federal cybersecurity as new, serious software vulnerabilities continue to be discovered, such as the one in Log4j…and ensure that agencies can procure cloud-based technology quickly, while ensuring these systems, and the information they store, are secure.”

In this webinar, we cover:

  • The NIST Software Supply Chain Security Guidance
  • The NIST Secure Software Development Framework (SSDF)
  • The Proposed Strengthening American Cybersecurity Act
  • Best practices for improving your Supply Chain Software Security
  • How to adapt your TPRM program to new NIST guidance

On-demand webinar coming soon...

You may also like


GRC & Security Assurance

Empowering your cyber defense: Key insights into the latest NIST CSF update with PwC

Join this webinar with OneTrust and PwC and gain insights into the upcoming NIST CSF update and learn how to effectively deploy it across your organization.

November 09, 2023

Learn more


Third-Party Risk

5 Ways to save time when assessing third parties for privacy and security risks webinar

Join our webinar and learn how to save time and streamline third-party risk assessment throughout the TPRM lifecycle.

October 25, 2023

Learn more


Technology Risk & Compliance

5 key areas for improved automation in InfoSec compliance

Streamline and scale your organization’s InfoSec compliance program by focusing on these five key areas of automation

October 02, 2023

Learn more