Top Bottom
Dan.com
Dynadot

Future Sensors

78% of human domainers will be replaced by robots
Impact
10,731

Webcast: Supply Chain Security: A New Kind of Halting Problem

Today, the core of cybersecurity lies in a trusted and verified supply chain. I’ll briefly introduce the challenge of modern supply chain security, including the foundry problem. I'll categorize software and hardware supply chain compromises based on component, level and adversary motivation. I'll review recent initiatives and strategies that aim to address malicious supply chain compromise.

RSA Conference webcast, 12 January 2021

Presenter: Sarah Freeman, Industrial Control Systems (ICS) Cyber Security Analyst, Idaho National Laboratory.

 

Future Sensors

78% of human domainers will be replaced by robots
Impact
10,731

Information and Communications Technology Supply Chain Risk Management (CISA.gov)

Information and communications technology (ICT) is integral for the daily operations and functionality of U.S. critical infrastructure. If vulnerabilities in the ICT supply chain—composed of hardware, software, and managed services from third-party vendors, suppliers, service providers, and contractors—are exploited, the consequences can affect all users of that technology or service.

CISA, through the National Risk Management Center (NRMC), is committed to working with government and industry partners to ensure that supply chain risk management (SCRM) is an integrated component of security and resilience planning for the Nation’s infrastructure.


Read more:

https://www.cisa.gov/supply-chain
 
Last edited:

Future Sensors

78% of human domainers will be replaced by robots
Impact
10,731

How InfoSec Should Use the Minimum Viable Secure Product Checklist

A team of tech companies including Google, Salesforce, Slack, and Okta recently released the Minimum Viable Secure Product (MVSP) checklist, a vendor-neutral security baseline listing minimum acceptable security requirements for B2B software and business process outsourcing suppliers.

The news arrives at a time when many organizations are growing concerned about the security of third-party tools and processes they use. After attacks such as those involving SolarWinds and Kaseya, businesses are increasingly aware of how third-party tools and services could serve as a gateway to attackers.


Read more:

https://www.darkreading.com/operati...e-the-minimum-viable-secure-product-checklist
 
Name Worth