NIST recently announced a new effort to work with the private sector and others in government to improve cybersecurity in supply chains. This initiative will help organizations to build, evaluate, and assess the cybersecurity of products and services in their supply chains, an area of increasing concern.
The effort, known as the National Initiative for Improving Cybersecurity in Supply Chains (NIICS), will emphasize tools, technologies, and guidance focused on the developers and providers of technology. At the same time, there is a need among those acquiring products and services for cohesive, practical, performance-oriented guidance to address the broader cybersecurity risks to the security and resilience of all supply chains.
NIST is discussing stakeholder cybersecurity-related supply chain needs with private sector and government organizations that are key to the security of the U.S. critical infrastructure sectors and the broader economy. This will include the private sector companies that participated in a White House summit with President Biden, Secretary of Commerce Raimondo, and other officials on August 25, 2021 – and many other organizations. NIST expects to issue a Request for Information (RFI) to help guide this partnership.
NIST also is drawing on information provided as part of its cybersecurity-related supply chain activities and to fulfill a May 12, 2021, Executive Order on Improving the Nation’s Cybersecurity.
Questions about this effort? Want to participate? Email us at NIICS [at] nist.gov.
For more information about NIST’s other work on improving cybersecurity in supply chains, please visit NIST’s Cybersecurity Supply Chain Risk Management Program.