
What you need to know: NIST updates on software supply chain cybersecurity & proposed landmark US legislation

In recent weeks, NIST has released new documents as part of the plan set out by President Biden’s Executive Order on Improving the Nation’s Cybersecurity. These documents focus on the security and integrity of the software supply chain and include Software Supply Chain Security Guidance and Special Publication 800-218, Secure Software Development Framework (SSDF).

Additionally, leaders of the U.S. Senate Homeland Security and Governmental Affairs Committee recently introduced the Strengthening American Cybersecurity Act. The act consolidates several previously proposed bills and is designed to “provide the Cybersecurity and Infrastructure Security Agency with the information and tools needed to warn of potential cybersecurity threats to critical infrastructure, prepare for widespread impacts, coordinate the government’s efforts,” as well as to “significantly bolster and modernize federal cybersecurity as new, serious software vulnerabilities continue to be discovered, such as the one in Log4j … and ensure that agencies can procure cloud-based technology quickly, while ensuring these systems, and the information they store, are secure.”

In this webinar, we cover:

  • The NIST Software Supply Chain Security Guidance
  • The NIST Secure Software Development Framework (SSDF)
  • The Proposed Strengthening American Cybersecurity Act
  • Best practices for improving your software supply chain security
  • How to adapt your TPRM program to new NIST guidance

On-demand webinar coming soon...

