Catherine Castaldo and Christine Gartland discuss the recent National Institute of Standards and Technology (NIST) guidance on practices for software supply chain security and how it can be applied to private businesses and their respective software supply chains and cybersecurity practices.