New NIST revisions expand scope of cyber supply chain risk management guidance
By 
Jaclyn Jaeger2021-05-20T18:04:00
The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.
Related articles
-
ArticleBig week for breaches: McDonald’s, Carnival, and more
Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
-
ArticleNIST guidance tackles how to integrate cyber-security with ERM
New guidance from NIST aims to demystify a process with which many companies across all industries have long struggled: how to seamlessly integrate cyber-security risk into an overall enterprise risk management program.
-
ArticleNIST seeks comment on ransomware, cyber-attack guidance
The National Institute of Standards and Technology is seeking input on a trio of draft guidance published in the past week. Two of the drafts address ransomware attacks, and the third addresses protecting against cyber-attacks in the supply chain.
More from Risk Management
-
PodcastStudy: Compliance managers must set rules in race to adopt AI agents and copilots
More than half of all compliance teams are “actively using” or “piloting” AI applications, according to a Moody’s report. While most are focusing on streamlining routine tasks, some are developing AI agents and asking vital questions about AI decision-making.
-
PremiumThanks to 'laser focus' on cartels, Trump admin creates new corporate risks in Mexico
The Trump administration’s designation of Mexican cartels as terrorist organizations in February has made doing business in Mexico riskier than ever before for corporations.
-
News BriefFederal Reserve Board drops reputational risk from exams, aligning with OCC and FDIC shift
Bank examiners at the Federal Reserve Board will no longer assess reputational risk during examinations, a concession to the banking industry already underway with two other U.S. regulators.