Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Jon M Boyens (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 17 of 17

Cybersecurity Supply Chain Risk Management for Systems and Organizations

May 5, 2022
Author(s)
Jon M. Boyens, Angela Smith, Nadya Bartol, Kris Winkler, Alexander Holbrook, Matthew Fallon
Organizations are concerned about the risks associated with products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the supply chain. These

Approaches for Federal Agencies to Use the Cybersecurity Framework

August 17, 2021
Author(s)
Jeffrey Marron, Victoria Yan Pillitteri, Jon M. Boyens, Stephen Quinn, Gregory Witte
The document highlights examples for implementing the Framework for Improving Critical Infrastructure Cybersecurity (known as the Cybersecurity Framework) in a manner that complements the use of other NIST security and privacy risk management standards

Key Practices in Cyber Supply Chain Risk Management: Observations from Industry

February 11, 2021
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
In today's highly connected, inter-dependent world, all organizations rely on others for critical products and services. However, the reality of globalization, while providing many benefits, has resulted in a world where organizations no longer fully

Impact Analysis Tool for Interdependent Cyber Supply Chain Risks

August 25, 2020
Author(s)
Celia Paulsen, Jon M. Boyens, Jeffrey Ng, Kris Winkler, James Gimbi
As awareness of cybersecurity supply chain risks grows among federal agencies, there is a greater need for tools that evaluate the impacts of a supply chain-related cyber event. This can be a difficult activity, especially for those organizations with

Case Studies in Cyber Supply Chain Risk Management: Anonymous Consumer Goods Company

February 4, 2020
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
The Case Studies in Cyber Supply Chain Risk Management series engaged with several companies that are leaders in managing cyber supply chain risk. These case studies build on the Best Practices in Cyber Supply Chain Risk Management case studies originally

Case Studies in Cyber Supply Chain Risk Management: Anonymous Renewable Energy Company

February 4, 2020
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
The Case Studies in Cyber Supply Chain Risk Management series engaged with several companies that are leaders in managing cyber supply chain risk. These case studies build on the Best Practices in Cyber Supply Chain Risk Management case studies originally

Case Studies in Cyber Supply Chain Risk Management: Mayo Clinic

February 4, 2020
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
The Case Studies in Cyber Supply Chain Risk Management series engaged with several companies that are leaders in managing cyber supply chain risk. These case studies build on the Best Practices in Cyber Supply Chain Risk Management case studies originally

Case Studies in Cyber Supply Chain Risk Management: Palo Alto Networks, Inc.

February 4, 2020
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
The Case Studies in Cyber Supply Chain Risk Management series engaged with several companies that are leaders in managing cyber supply chain risk. These case studies build on the Best Practices in Cyber Supply Chain Risk Management case studies originally

Case Studies in Cyber Supply Chain Risk Management: Seagate Technology

February 4, 2020
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Kris Winkler, James Gimbi
The Case Studies in Cyber Supply Chain Risk Management series engaged with several companies that are leaders in managing cyber supply chain risk. These case studies build on the Best Practices in Cyber Supply Chain Risk Management case studies originally

Criticality Analysis Process Model

April 9, 2018
Author(s)
Celia Paulsen, Jon M. Boyens, Nadya Bartol, Kris Winkler
In the modern world, where complex systems and systems-of-systems are integral to the functioning of society and businesses, it is increasingly important to be able to understand and manage risks that these systems and components may present to the

Increasing Visibility and Control of Your ICT Supply Chains

June 15, 2015
Author(s)
Jon M. Boyens, Celia Paulsen, Larry Feldman, Greg Witte
This bulletin summarizes the information presented in NIST SP 800-161, Supply Chain Management Practices for Federal Information Systems and Organizations, written by Jon Boyens and Celia Paulsen. The publication provides guidance to federal agencies on

Notional Supply Chain Risk Management Practices for Federal Information Systems

October 16, 2012
Author(s)
Jon M. Boyens, Celia Paulsen, Nadya Bartol, Rama Moorthy, Stephanie Shankles
This publication is intended to provide a wide array of practices that, when implemented, will help mitigate supply chain risk to federal information systems. It seeks to equip federal departments and agencies with a notional set of repeatable and