Energy companies operating critical infrastructure and vendors supplying products to these entities will find useful, practical cybersecurity supply chain risk management (SCRM) guidance in these resources provided by NASA.
NASA was very instrumental during development of CISA's Secure by Design Software Acquisition Guide best practices and a valuable contributor to the CISA ICT_SCRM Task Force public-private partnership.