Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Supply Chain Risk Management C-SCRM

NIST-Sponsored Research

NIST regularly conducts and awards contracts, grants, or cooperative agreements to conduct research into cybersecurity supply chain risk management (C-SCRM) and related topics. The following are relevant research activities:

 

Cyber Risk Analytics: A NIST and GSA-Sponsored grant from 2015-2017 examining the relationship between various risk management practices and publicly disclosed breaches.

Industry C-SCRM Best Practices: Ongoing work developing case studies exploring effective risk management practices used by various industry organizations. 

Cyber Risk Portal: An Enterprise Risk Assessment Application developed by the University of Maryland from grants awarded in 2010 and 2012.

C-SCRM Environmental Scan: From a grant awarded in 2010, the University of Maryland researched existing standards documents related to SCRM.

 

To submit a grant / cooperative agreement proposal, please see https://www.nist.gov/itl/how-work-us/itl-grants-program.

Contacts

Supply Chain General Inquiries
scrm-nist@nist.gov

Jon Boyens - Project Lead - NIST
boyens@nist.gov
301-975-5549

Rebecca McWhite - Technical Lead - NIST
rebecca.mcwhite@nist.gov

Jeff Brewer - NIST
jeffrey.brewer@nist.gov

sw.assurance Google Group
sw.assurance@list.nist.gov

Created May 24, 2016, Updated May 06, 2024