Skip to main content

2 posts tagged with "Evidence"

Posts about evidence-backed supply-chain-security decisions.

View All Tags

AI SBOMs: When Component Visibility Has to Include Models, Data, and Infrastructure

· 6 min read
SCS Community
Maintainer

In May 2026, CISA and G7 partners released voluntary guidance on Software Bill of Materials for AI - Minimum Elements. The guidance is intended to improve transparency in artificial intelligence systems and their supply chains.

CISA frames an SBOM as an "ingredients list" that helps organizations understand supply chains and make risk-informed decisions. For AI systems, that ingredients list needs to include more than ordinary software packages.

The EU ICT Supply Chain Security Toolbox: Turning Supplier Risk into Reviewable Evidence

· 5 min read
SCS Community
Maintainer

On 13 February 2026, the NIS Cooperation Group adopted the EU ICT Supply Chain Security Toolbox, developed by Member States with support from the European Commission and ENISA.

The European Commission describes the toolbox as a horizontal, common, non-binding approach for identifying, assessing, and mitigating cybersecurity risks in ICT supply chains. It recommends measures such as critical-supplier assessment, multi-vendor strategies, and reducing dependencies on high-risk suppliers.