Agenda at a glance:
- Executive Order 14028 – Section 4 Enhancing Software Supply Chain Security, Matthew Scholl, Computer Security Division
- Draft SP 800-161 Revision 1, Supply Chain Risk Management Practices for Information Systems and Organizations, Angela Smith and Jon Boyens, Computer Security Division
__
NOTE: FORUM MEETINGS ARE OPEN TO ONLY FEDERAL/STATE EMPLOYEES AND THEIR DESIGNATED SUPPORT CONTRACTORS. REGISTRANTS MUST USE A .GOV OR .MIL ADDRESS FOR SIGN-UP. SUPPORT CONTRACTORS MUST INDICATE THE AGENCY OR ORGANIZATION THEY SUPPORT.
The Federal C-SCRM Forum fosters collaboration and the exchange of cyber supply chain risk management (C-SCRM) information among federal organizations to improve the security of federal supply chains. Through periodic meetings and informal exchanges, the Forum offers all agencies that depend upon or guide C-SCRM an opportunity to discuss issues of interest with – and to inform – many of those leading C-SCRM efforts in the federal ecosystem. For more information about the Forum and instructions on how to join, see: https://csrc.nist.gov/Projects/cyber-supply-chain-risk-management/federal-c-scrm
|
Time
|
Topic
|
Presenter
|
|
12:00pm
|
Welcome – Introduction – Background – Going Forward
|
Angela Smith and Jon Boyens, Computer Security Division (CSD)
|
|
12:15pm
|
EO 14028 Section 4 Enhancing Software Supply Chain Security
|
Matthew Scholl, CSD
|
|
12:30pm
|
High-level overview of Draft SP 800-161 Revision 1
|
Angela Smith and Jon Boyens, CSD
|
|
12:45pm
|
Q&A
|
Angela Smith and Jon Boyens, CSD
|
EO 14028 Section 4, Enhancing Supply Chain Security: NIST Implementation: https://www.nist.gov/itl/executive-order-improving-nations-cybersecurity/executive-order
SP800 -161 (Revision 1): The Initial Public Draft of SP 800-161 Revision 1 has been released for public comment and is posted here: https://csrc.nist.gov/publications/detail/sp/800-161/rev-1/draft
