UK government proposes new rules for digital supply chain security
News and information from the Advent IM team.
Proposals could see IT service providers legally required to adhere to the NCSC’s Cyber Assessment Framework, among other things
The UK government has unveiled plans to boost the cyber security of the country’s digital supply chains with a series of measures that could include mandating IT service providers to adhere to the National Cyber Security Centre’s (NCSC’s) Cyber Assessment Framework (CAF).
The proposals follow a Department for Digital, Culture, Media, and Sport (DCMS) consultation on the issue of digital supply chains and third-party IT services, launched in May 2021 after a spate of incidents in which IT companies – most notably SolarWinds – were used by malicious actors to target downstream customers.
Read via Computer Weekly