Security Snippets: NIST publishes guide on due diligence for cyber supply chain risk management
[co-author: Ryan Campbell] NIST’s “quick-start guide” is designed to assist acquirers as they evaluate the various risks across their network of suppliers, focusing on supply chain tiers, foreign ownership, control or influence (FOCI), provenance, …