“At the NASA SEWP (Solutions for Enterprise-Wide Procurement) SCRM Hybrid Forum 2022 on May 24, Joanne Woytek, program manager for the NASA SEWP program, explained how cyber risk management does not mean achieving zero risk. ‘Risk is the important word,’ Woytek said. ‘That is one of those keywords that people keep forgetting when they talk about this issue. It’s “how do I get no risk?” and you can’t. You have to look at what’s important to the mission, versus what security is needed to then make sure it’s secure and what the level is at.’... Renee Wynn, former chief information officer at NASA, agreed with Woytek and emphasized that it’s ‘critical’ to understand the supply chain risk process before putting software onto one’s network... Wynn explained that there are differences in risk-based decisions in terms of data and users. For example, she said software in a mission control center is ‘very different than software being used in a scientific mission because the data for scientific missions are going to flip out to the public in 24 hours.’...” Read the full article here. Source: NASA Experts: ‘No Risk’ is No-Go in Cyber Risk Management – By Grace Dille, May 26, 2022. MeriTalk.