The Cybersecurity and Infrastructure Security Agency (CISA) announced on Thursday the release of its “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle.” […]

The General Services Administration (GSA) is creating a voluntary questionnaire to gather pertinent cybersecurity supply chain risk management (C-SCRM) information from vendors. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) new Cyber Supply Chain Risk Management (C-SCRM) Office is in the process of developing training and maturity models for Federal agencies, with an eye of releasing these resources in the new fiscal year (FY) to begin on Oct. 1.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) plans to release a training program to help Federal agencies better understand and operationalize cyber supply chain risk management (C-SCRM), CISA’s C-SCRM Project Management Office Lead said today. […]

A top official at the Cybersecurity and Infrastructure Security Agency (CISA) said that we can expect to see “much more” guidance from agency cyber gurus in the coming months on Cybersecurity Supply Chain Risk Management (C-SCRM). […]

Federal agency officials said that having the rights tool, and a workforce culture tuned into security, are key elements in making gains on cybersecurity-supply chain risk management (C-SCRM). […]