In February 2021, the National Institute of Standards and Technology (NIST), which is a subdivision of the Department of Commerce in the United States Government, announced its nine priorities for the coming year.
While its guidance is voluntary, businesses would be well advised to follow NIST's lead, as it has become the gold standard for general Privacy and Data Security compliance in the United States.
Whether business leaders want to keep their regulators unconcerned, their clients happy, or their brand strong with regard to Privacy and Data Security, they'll need to know about NIST's new focuses.
By Kevin McNeill
Feb 02, 2021
The scope and sophistication of the recent highly publicized cyber-attacks on our government’s software supply chain indicate highly skilled cyber adversaries, effective network reconnaissance and careful planning. These attacks by Russian actors demonstrate the real threats to our nation’s cyber infrastructure and the risks to the systems that keep our democracy running.
The departments of Energy, Treasury and even Homeland Security, the agency charged with protecting our critical infrastructure, were all breached in this wide-ranging attack. As the new administration looks to establish cybersecurity priorities and programs, it is critical that the U.S. government and private sector work together to ensure that the vulnerabilities in our supply chain systems are not further exploited. We need to fund and invest in capabilities to control and defend cyberspace by focusing on the people, processes and technology.
[co-author: Tawanna Lee]
On December 17, 2020, the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force (“the Task Force”), a public-private partnership whose membership includes industry representatives from the IT and Communications sectors, as well as federal government representatives, released its Year Two Report (“Report”). This work takes on increased importance as the federal government and private sector grapple with software supply chain challenges in the unfolding SolarWinds incident.
The Report builds on prior Task Force efforts and summarizes the work of the five working groups to address challenges to information sharing, threat analysis, qualified bidder and manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains. It identifies areas for continued Task Force work to support SCRM efforts across government and industry. As various federal efforts focused on securing the ICT supply c