Why you can’t decide (And what to do about it)
May 27, 2016
Commentary: The rapidly changing digital world can leave tech executives feeling overwhelmed when they're faced with charting the course of their company's cybersecurity strategy.
David Stegon was a staff reporter for FedScoop and StateScoop from 2011-2014.
The National Institute of Standards and Technology has published the final version of its guide to help federal agencies manage the risks associated with purchasing information and communications products and services.
"Notional Supply Chain Risk Management Practices for Federal Information Systems" calls for procurement organizations to establish a coordinated team approach to assess the ICT supply chain risk and to manage this risk by using technical and programmatic mitigation techniques.
The new guide is based on information technology security practices and procedures published by NIST, the National Defense University, the National Defense Industrial Association and others.
These practices were expanded to include supply chain implications.