New NIST revisions expand scope of cyber supply chain risk management guidance

By Jaclyn Jaeger2021-05-20T18:04:00

The National Institute of Standards and Technology is seeking comment on a revised version of its cyber supply chain risk management guidance that is intended for a broader audience of public and private companies.

lock icon THIS IS MEMBERS-ONLY CONTENT. To continue reading, choose one of the options below.

Become a Member

News and analysis for the well-informed compliance or audit exec. Select an option and click continue.

Annual Membership $499 Value offer

Full price one year membership with auto-renewal.

Membership $599

One-year only, no auto-renewal.

Access CW Newsletters and CPE webcasts. REGISTER FOR LIMITED FREE ACCESS

Already a Compliance Week member?

Article
Big week for breaches: McDonald’s, Carnival, and more

2021-06-18T19:20:00Z By Jaclyn Jaeger

Multiple high-profile companies—including Carnival, Wegmans, McDonald’s, Volkswagen, and CVS—have confirmed in recent days they were either victims of a data breach or were alerted to a gap in their security controls.
Article
NIST guidance tackles how to integrate cyber-security with ERM

2020-10-22T15:34:00Z By Jaclyn Jaeger

New guidance from NIST aims to demystify a process with which many companies across all industries have long struggled: how to seamlessly integrate cyber-security risk into an overall enterprise risk management program.
Article
NIST seeks comment on ransomware, cyber-attack guidance

2020-02-07T17:07:00Z By Jaclyn Jaeger

The National Institute of Standards and Technology is seeking input on a trio of draft guidance published in the past week. Two of the drafts address ransomware attacks, and the third addresses protecting against cyber-attacks in the supply chain.

More from Risk Management

Premium
Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update

2024-12-13T16:47:00Z By Aaron Nicodemus

When the DOJ released its revised Evaluation of Corporate Compliance Programs, it turned some heads. Tucked into a section on risk assessments was a strongly worded series of questions that appeared to shoulder compliance teams with the responsibility for ensuring the safe use of AI tools by their firms.
Premium
Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance

2024-12-12T14:32:00Z By Aaron Nicodemus

The Department of Justice’s Evaluation of Corporate Compliance Programs has made the importance of artificial intelligence governance frameworks clear, but it didn’t say what role compliance should play. Here’s the answer.
News Brief
FinCEN alerts financial institutions to be wary of AI-enabled deepfakes

2024-11-14T20:36:00Z By Adrianne Appel

The U.S. Department of the Treasury’s Financial Crimes Enforcement Network issued an alert to financial institutions about their obligations to report deepfakes, warning artificial intelligence has given bad actors additional tools in their arsenal.

“For tracking litigation, enforcement, and regulatory developments, Compliance Weekshould be your prime source.”

New NIST revisions expand scope of cyber supply chain risk management guidance

Become a Member

Related articles

Big week for breaches: McDonald’s, Carnival, and more

NIST guidance tackles how to integrate cyber-security with ERM

NIST seeks comment on ransomware, cyber-attack guidance

More from Risk Management

Worries DOJ is ‘dumping’ AI responsibilities on compliance departments in ECCP update

Compliance’s fit in AI governance: Reading between lines of DOJ’s updated ECCP guidance

FinCEN alerts financial institutions to be wary of AI-enabled deepfakes

“For tracking litigation, enforcement, and regulatory developments, Compliance Week
should be your prime source.”