Cybersecurity has been a frequent topic of discussion in the news recently. As the amount of information hosted and shared over the internet continues to grow, the ability to protect that information is of utmost concern.
Confirming that trend, the National Institute of Standards and Technology (NIST) issued a draft update on January 10 to its Framework for Improving Critical Infrastructure Cybersecurity containing information specifically related to software-as-a-service (SaaS) and the Internet of Things (IoT). If you are in need of a quick refresher on SaaS and the IoT, Interoute.com offers an explanation of SaaS applications. And, you can learn more about the IoT by reading A Simple Explanation of ‘The Internet of Things’ from Forbes.
The updated material focuses on cyber supply chain risk management (SCRM). Per the NIST, “A primary objective of cyber SCRM is to identify, assess and mitigate products and services that may contain potentially malicious functionality, are counterfeit, or are vulnerable due to poor manufacturing and development practices within the cyber supply chain.” For the full report, visit the NIST website.
In light of this updated material, SaaS providers and IoT manufacturers should prepare for increased scrutiny of security practices and features by customers and, possibly, federal regulators.
If you have any questions about the NIST updates and how they affect your business, feel free to contact our office.