CISA Developing New Resource Center for Supply Chain, Software Security Standards Compliance

The Cybersecurity and Infrastructure Security Agency is working on a new resource center to guide federal agencies in complying with cyber supply chain risk management and software security standards, including those from the National Institute of Standards and Technology.

Speaking at FCW’s Supply Chain Workshop, Shon Lyublanovits, C-SCRM project management office lead at CISA, shared that the center will undergo a pilot test involving selected agencies, with a plan to also include industry players to promote information sharing between public and private sectors, Nextgov reported. CISA will gather feedback from participants to ensure the hub will help organizations implement C-SCRM practices and enhance their overall cyber hygiene.

The center’s exact launch date has yet to be determined but Lyublanovits said CISA will provide more clarity on the project beginning next fiscal year.

Lyublanovits, meanwhile, revealed CISA’s plan to develop a new training program for federal government and industry stakeholders to understand C-SCRM processes and requirements. She said the training will provide them with tools and techniques to reduce risks.