Is the U.S. Learning From Software Supply Chain Attacks?

We’ve written a lot about the dangers of supply chain attacks in recent articles.

But after so many successful attacks—including arguably the most significant supply chain attack of all time in 2021—is the U.S. any safer today than it was a few years ago?

The short answer is “not really.” While there have been several attempts to ramp up software supply chain legislation, so far, the most significant changes and additions have not been made.

However, two major initiatives are happening right now to address this problem.

Current Initiatives for Software Supply Chain Security

Organizations like NIST have made several past attempts to set supply chain risk management (SCRM) requirements for technology vendors that sell to federal agencies. Up to now, these attempts have lacked the ‘bite’ needed to compel significant changes to the security posture and practices of technology vendors.

In 2021, two significant initiatives began

*** This is a Security Bloggers Network syndicated blog from Cimcor Blog authored by Jacqueline von Ogden. Read the original post at: https://www.cimcor.com/blog/is-the-u.s.-learning-from-software-supply-chain-attacks