Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: CISA’s newest office is working to operationalize cyber supply chain risk management (C-SCRM). Also: a GuLoader malware campaign is targeting the global e-commerce industry.
This Week’s Top Story
CISA’s newest office to offer guidance on cyber supply chain security
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is making arrangements to build a new office centered on cyber supply chain risk management (C-SCRM), says Federal News Network. The office is being created in an effort to assist government and industry entities in putting C-SCRM into practice, based on the various guidelines and policies put into effect in recent years.
The idea for the C-SCRM office grew out of the Federal Acquisition Security Council (FASC), a new council created by the 2018 SECURE Act and responsible for developing government-wide policies and criteria for securing IT supply chains.
Shon Lyublanovits, a former General Services Administration…
