The Solarwinds Attack has caused government and private sector organizations to renew their focus on strengthening Cybersecurity Supply Chain Risk Management. By statute, federal agencies must use NIST’s C-SCRM and other cybersecurity standards and guidelines to protect non-national security federal information and communications infrastructure. The SECURE Technology Act and FASC Interim Final Rule gave NIST specific authority to develop C-SCRM guidelines. Matthew Butkovic, Technical Manager of the Cybersecurity Assurance, Software Engineering Institute will moderate a discussion with Dr. George Duchak, Chief Information Officer, DLA Information Operations and Robert S. Metzger, Shareholder at the Rogers, Joseph, O’Donnell Washington, D.C. law firm’s Cybersecurity and Privacy Practice Group to share their thoughts about designing stronger cybersecurity risk management strategies and approaches.