The National Institute of Standards and Technology (NIST) has updated its guidance document for helping organizations identify, assess and respond to cybersecurity risks throughout the supply chain. “[Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations (C-SCRM)] encourages organizations to consider the vulnerabilities not only of a finished product they are considering using, but also of its components — which may have been developed elsewhere — and the journey those components took to reach their destination,” NIST explains.
Read full article on Help Net Security