Secure Supply Chain

How Biden’s National Security Memo Bolsters US Cybersecurity
To account for the growing potential threat of cyberattacks across government systems, the Biden administration is prioritizing its efforts to strengthen the U.S.’s cybersecurity capabilities. In the latest National Security Memorandum, the ...

Is Your Supply Chain Secure?
In 2021, there were a number of major supply chain attacks that crippled multiple companies. Think back to the Kaseya attack in July, or, even before that, the SolarWinds attack that came ...

Supply Chain Emerging as Cloud Security Threat
Misconfigurations in software development environments and poor security hygiene in the supply chain can impact cloud infrastructure and offer opportunities for malicious actors to control unwitting victims’ software development processes. These were ...

State of DevOps 2021: Benefits of a Secure Software Supply Chain
As more and more organizations embrace digital transformation and ways of conducting business virtually, we have unfortunately seen a corresponding increase in the number of data breaches and cyberattacks. In 2020 alone, ...

Supply Chain Security – Not As Easy As it Looks
The massive exploit of SolarWinds is a prime example of what is called a “supply chain” vulnerability. The vast majority of those impacted by the Russian SolarWinds attack probably had never even ...

Report Finds Software Supply Chains Rife with Vulnerabilities
A report published today by application security testing tool provider GrammaTech in collaboration with Osterman Research suggests just about every software supply chain is rife with vulnerabilities. An analysis of commercial off-the-shelf ...

Biden Administration Drafting EO to Help U.S. Gov’t Secure Digital Supply Chain
The Biden administration said it’s drafting an executive order to help the United States government better defend itself against digital supply chain attacks. A Step Up for Federal Procurement According to NPR, ...

Understanding Cybersecurity Supply Chain Risk Management (C-SCRM)
Cybersecurity Supply Chain Risk Management (C-SCRM) deals with more than protecting an organization from cyber-attacks on third parties. It also addresses third parties to those third parties (known as “fourth parties”). Further ...

Supply Chain Risk Management – What You Need to Know to Build a Successful SCRM Program
There is a story from years ago about a warehouse network of computers that was separated from the main network. Those machines were running older OSes. But since they weren’t connected to ...

Now Is the Time to Get up to Speed with CMMC and SP 800-171 Rev 2
At the beginning of March 2020, Fifth Domain reported that Colorado-based aerospace, automotive and industrial parts manufacturer Visser Precision LLC had suffered a DoppelPaymer ransomware infection. Those behind this attack ultimately published ...