The U.S. Department of Energy (DOE) Office of Cybersecurity, Energy Security and Emergency Response (CESER) has released version 2.1 of the Cybersecurity Capability Maturity Model (C2M2).
Now more than ever, it’s important to instill trust in the software supply chain. Code signing can help organizations ensure the security of their software supply chain.
Security leaders should focus on risk management principles when tackling software supply chain security, according to the Center for Internet Security SVP and Chief Evangelist Tony Sager.
Application security remains a wide attack vector for cybercriminals, but cybersecurity leaders can use tools to better detect vulnerabilities in their applications and software supply chains.
The Port of Vancouver USA has partnered with the Maritime Transportation System Information Sharing and Analysis Center (MTS-ISAC) to launch the Lower Columbia River Maritime Information Exchange (LCR-MIX), hardening the port system against cyberattacks.
Managing third-party risk is integral to maintaining enterprise cybersecurity and supply chain security. Determining who in the enterprise is responsible for third-party vendor security can help reduce risk, according to NCC Group research.
Cybersecurity experts weigh in on the National Institute of Standards and Technology (NIST)'s updated guidelines for maintaining software supply chain security.