Update version of advice that has been in place for nine years also clarifies that supplier certification alone does not provide comprehensive protection, nor lessen the likelihood of an attack
Government procurement guidance on ensuring the cybersecurity of public sector supply chains has been a