U.S. flag   An official website of the United States government

NISTIR 8276

Key Practices in Cyber Supply Chain Risk Management: Observations from Industry

Date Published: February 2021

Author(s)

Jon Boyens (NIST), Celia Paulsen (NIST), Nadya Bartol (Boston Consulting Group), Kris Winkler (Boston Consulting Group), James Gimbi (Boston Consulting Group)

Abstract

Keywords

best practices; cyber supply chain risk management; C-SCRM; external dependency management; information and communication technology supply chain risk management; ICT SCRM; key practices; risk management; supplier; supply chain; supply chain assurance; supply chain risk; supply chain risk assessment; supply chain risk management; supply chain security; third-party risk management
Control Families

None selected

Documentation

Publication:
NISTIR 8276 (DOI)
Local Download

Supplemental Material:
Cyber SCRM Key Practices and Case Studies (other)

Document History:
02/04/20: NISTIR 8276 (Draft)
02/11/21: NISTIR 8276 (Final)

Topics

Security and Privacy
cyber supply chain risk management

Applications
cybersecurity framework