NIST Releases Draft Guidance on Supply Chain Security

The National Institute of Standards and Technology has drafted a publication that aims to help commercial organizations reduce cyber risks in global supply chains.

The publication, titled "Key Practices in Cyber Supply Chain Risk Management," lists ways to tackle cyber issues associated with newer information and communications technologies made by third-party entities, NIST said Tuesday.

Jon Boyens, a NIST author, said the issue of global supply chain security stems from how everything today is interconnected.

“Products are very sophisticated and with our globalized economy, companies often outsource the tasks of developing components and code to other companies, involving multiple tiers of suppliers," Boyens said.

The draft publication features key practices that each have corresponding recommendations and application guidance.

NIST now calls for the public to submit comments on the draft over a 30-day period through March 4. The agency plans to release the publication's finalized version this spring.

Check Also

Dept. of Energy

DOE Funds Biomanufacturing Projects

The Department of Energy is investing $5M in eight cost-shared projects that tackle challenges in the country's biomanufacturing industry. DOE said Friday it will use its national laboratories to support these projects in alignment with the  Agile BioFoundry consortium.