From: Security Intelligence
***
Cybersecurity Risk Assessment Reveals Supply Chain Security Gaps
While federal agencies are under increasing pressure to meet security best practices, such as National Institute of Standards and Technology (NIST) security guidance and standards, supply chain organizations further down the pipeline may escape direct observation, making it easy to avoid costly IT changes.
***
Of greater concern were specific issues common to supply chain contractors, which were rated on an A–F scale. For example, 20 percent of those surveyed said they still use outdated internet browsers, putting them at risk of new malware vectors. In addition, almost 50 percent of contractors received a C grade for their use of protective technologies in line with the NIST cybersecurity framework.
Leave a Reply