The Cybersecurity and Infrastructure Safety Company (CISA) launched the Software Acquisition Guide: Supplier Response Web Tool, a no-cost, interactive useful resource designed to empower data expertise (IT) and business choice makers, procurement professionals and software program suppliers strengthen cybersecurity practices all through the software program procurement lifecycle.
The Internet Instrument builds on the “Software program Acquisition Information for Authorities Enterprise Customers: Software program Assurance within the Cyber-Provide Chain Danger Administration (C-SCRM) Lifecycle”, providing a streamlined, digital expertise that simplifies how customers assess software program assurance and provider threat.
“This software demonstrates CISA’s dedication to providing sensible, free options for smarter, safer software program procurement,” mentioned CISA Director of Public Affairs, Marci McCarthy. “Remodeling the Software program Acquisition Information into an interactive format simplifies integrating cybersecurity into each step of procurement.”
The Internet Instrument helps secure-by-design and secure-by-default rules by:
- Breaking the Information into manageable, adaptive sections primarily based on consumer enter
- Serving to customers deal with probably the most related questions for his or her acquisition context
- Enabling exportable summaries that may be shared with CISOs, CIOs, and different key decision-makers
- Supporting stronger due diligence and safer outcomes throughout procurement efforts
Whether or not evaluating a single product or managing a fancy acquisition, the Internet Instrument empowers customers to make knowledgeable, risk-aware choices that align with federal cybersecurity steerage and greatest practices.
This launch is a part of CISA’s broader effort to strengthen software program provide chain resilience and equip stakeholders with trendy instruments that handle in the present day’s evolving cyber. CISA continues to prioritize the event of sensible, no-cost digital options that assist organizations of all sizes combine cybersecurity into their procurement processes.
The Software Acquisition Guide and its accompanying spreadsheet have already reached over 10,000 customers and been downloaded greater than 4,000 occasions, reflecting robust demand throughout federal, state, and native governments, in addition to small and mid-sized companies.
To study extra, go to: Information and Communications Technology Supply Chain Security.
The unique announcement could be discovered here.
