The National Institute of Standards and Technology has drafted a publication that aims to help commercial organizations reduce cyber risks in global supply chains.
The publication, titled “Key Practices in Cyber Supply Chain Risk Management,” lists ways to tackle cyber issues associated with newer information and communications technologies made by third-party entities, NIST said Tuesday.
Jon Boyens, a NIST author, said the issue of global supply chain security stems from how everything today is interconnected.
“Products are very sophisticated and with our globalized economy, companies often outsource the tasks of developing components and code to other companies, involving multiple tiers of suppliers,” Boyens said.
The draft publication features key practices that each have corresponding recommendations and application guidance.
NIST now calls for the public to submit comments on the draft over a 30-day period through March 4. The agency plans to release the publication’s finalized version this spring.