Cyber-Supply Chain Risk Management (C-SCRM) Archives

GSA to set baseline requirements for cloud providers through Ascend

Requirements will emphasize Cloud Smart objectives and cybersecurity supply chain risk management while providing agencies an open source experience.

Aug 4, 2022 By Dave Nyczepir

The Department of Justice seal is seen on a lectern ahead of a press conference in Washington, DC on November 28, 2018. (Photo by MANDEL NGAN / AFP)

Watchdog finds just two DOJ agencies adhering to supply chain risk requirements

The DOJ’s Office of Inspector General carried out an audit of cyber-supply chain risk management compliance across the department.

Jul 7, 2022 By John Hewitt Jones

coder, developer, programmer, hacker, devops, devsecops, hacking, bug bounty — (Getty Images)

NIST gives agencies new guidance to prepare for next SolarWinds-like hack

During the 2020 SolarWinds hack, bad actors were able to access thousands of networks inside and outside government.

May 6, 2022 By Billy Mitchell

applications, apps, AI, IoT, internet of things, software — (Getty Images)

Agencies underscore software vulnerabilities in supply chain assessments

The pandemic revealed an overreliance on software developers with opaque supply chains and a high risk of "cascading effects" should their products be compromised.

Feb 25, 2022 By Dave Nyczepir

DHS wants to know how cyber-hygiene contract clauses are affecting vendors

A sample of vendors will soon receive a questionnaire from the agency.

Feb 7, 2022 By Dave Nyczepir

Cyber-Supply Chain Risk Management (C-SCRM)

FedScoop Daily