WASHINGTON – Today, global tech trade association ITI welcomed the release of the National Institute of Standards and Technology’s (NIST) Special Publication 800-161 Rev. 1, Cybersecurity Supply Chain Risk Management Practices for Systems and Organizations. The guidance, which incorporates directives from the May 2021 Executive Order on Improving the Nation's Cybersecurity, assists federal agencies and other organizations in identifying, assessing, and mitigating cybersecurity risks throughout the supply chain at all organizational levels.
"Supply chain security is a major priority for the technology industry, and we applaud NIST for publishing a comprehensive document that aligns with industry best practices" said Gordon Bitko's ITI's Senior Vice President of Public Sector Policy. "In particular, we are pleased that the document emphasizes the role of the Federal Acquisition Security Council as a key player in government-wide supply chain risk management, and that the document encourages government buyers to elevate security in the source selection process. We look forward to engaging further with NIST and other government partners on similar policy initiatives."