The National Institute of Standards and Technology (NIST) has produced several publications addressing the different components of information technology security within the NIST 800 computer security series. NIST has produced three special publications focused on mitigating supply chain attacks: NIST SP 800-53 Rev 5, NIST CSF (https://www.upguard.com/blog/nist-cybersecurity-framework). This post will focus on the NIST 800-161 special publication and explain how its third-party risk mitigation metrics can be addressed.

NIST 800-53 is the foundational framework for all security controls within the NIST 800 series.

Some suggested supply chain risk management practices for federal information systems and organizations are outlined below:

Continuous monitoring of cybersecurity risks in the supply chain - Real-time tracking of attack surface exploits empowers organizations to address supply chain security risks before cybercriminals exploit them.

Security questionnaire automation - Automate supply chain risk assessments mapping to regulatory and industry standards, such as ISO/IEC, NIST, COBIT, and ISA.
