What You Need to Know: NIST Updates on Software Supply Chain Cybersecurity & Proposed Landmark US Legislation

In recent weeks, NIST has released new documents as part of the plan set out by President Biden’s Executive Order on Improving the Nation’s Cybersecurity. These documents focus on the security and integrity of the software supply chain and include Software Supply Chain Security Guidance and Special Publication 800-218, Secure Software Development Framework (SSDF).

Additionally, leaders of the U.S. Senate Homeland Security and Governmental Affairs Committee recently introduced the Strengthening American Cybersecurity Act. The act consolidates several previously proposed bills and is designed to “provide the Cybersecurity and Infrastructure Security Agency with the information and tools needed to warn of potential cybersecurity threats to critical infrastructure, prepare for widespread impacts, coordinate the government’s efforts,” as well as, “significantly bolster and modernize federal cybersecurity as new, serious software vulnerabilities continue to be discovered, such as the one in Log4j…and ensure that agencies can procure cloud-based technology quickly, while ensuring these systems, and the information they store, are secure.”

In this webinar, we’ll cover:

• The NIST Software Supply Chain Security Guidance
• The NIST Secure Software Development Framework (SSDF)
• The Proposed Strengthening American Cybersecurity Act
• Best Practices for Improving Your Supply Chain Software Security
• How to Adapt Your TPRM Program to New NIST Guidance