From NIST Tech Beat: September 1, 2015Contact: Evelyn Brown301-975-5661
"The National Institute of Standards and Technology (NIST) will host a workshop on industry best practices in cyber supply chain risk management at its Gaithersburg, Md., campus, October 1-2, 2015.
"The two-day event will feature panels of industry professionals. Topics will include how cyber supply chain risk can affect organizations, proven strategies for managing those risks, existing standards and best practices, and practical guidance for enterprise risk governance.
"The Cyber Supply Chain Risk Management workshop is designed for a broad audience, including senior executives and those involved in enterprise risk management, supply chain management, acquisition or cybersecurity.
The goals of the workshop are to:
• share current research findings,
• validate the current findings and receive additional input from stakeholders, and
• gather input to inform future versions of the Framework for Improving Critical Infrastructure Cybersecurity and other cybersecurity and supply chain risk management initiatives.
NIST developed the framework, commonly referred to as the Cybersecurity Framework, as directed in Executive Order 13636 to assist critical infrastructure organizations to better manage and reduce their cybersecurity risks. NIST also released a companion document, Roadmap for Improving Critical Infrastructure Cybersecurity, which identifies supply chain risk management as a key focus area.
NIST has a Supply Chain Risk Management Program focused on securing the information and communications technology supply chain.
Registration information and the agenda are available here.