In the wake of the recent SolarWinds and Microsoft Exchange hacks, the Cybersecurity and Infrastructure Security Agency (CISA) is emphasizing the need to shore up supply chain integrity, adopt a zero trust security mindset, and direct more resources to best address vulnerabilities.
The House Armed Services Committee is standing up an acquisition task force that will examine supply chain threats and vulnerabilities.
The secretaries of Homeland Security and Commerce will work together on the one-year review of information and communications technology (ICT) industrial base supply chains ordered by President Biden earlier this week.
An executive order to be signed by President Biden today will order Federal agencies to conduct year-long reviews of their supply chain and industrial base risks, with the defense industrial base (DIB) and information and communications technology (ICT) industrial base among six key sectors identified in the order.
The Cybersecurity and Infrastructure Security Agency (CISA) has extended by six months the term of its Information and Communications Technology (ICT) Supply Chain Task Force, which was set up by the agency two years ago as a venue for government and industry to develop consensus strategies to improve ICT supply chain security.
The Cybersecurity and Infrastructure Security Agency (CISA) released the annual report for the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force on Dec. 17, which highlights ongoing efforts of five working groups addressing challenges related to information sharing, threat analysis, qualified bidder and qualified manufacturers lists, vendor assurance, and the COVID-19 pandemic.
With the Federal government placing more and more emphasis on supply chain security, harmonizing various efforts to reduce confusion is an important step towards better regulation, said Grant Schneider, former Federal CISO and now senior director of cybersecurity services at Venable.
As state and local leaders continue to grapple with the COVID-19 pandemic, the Cybersecurity and Infrastructure Security Agency (CISA) released an update to its Essential Critical Infrastructure Workers Guidance. Version 4.0, released today, provides guidance for jurisdictions and critical infrastructure owners to ensure that essential workers can work safely while supporting ongoing infrastructure operations across the nation.
The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions.
A new bill introduced by Rep. Morgan Griffith, R-Va., would task the Department of Commerce with conducting a quantum computing study to outline economic benefits of the technology, and identify and mitigate supply chain risks.
The Cybersecurity and Infrastructure Security Agency (CISA) late last week issued a practical checklist to help executives “think through” infrastructure protection, supply chain, and cybersecurity issues in light of the COVID-19 coronavirus, and potential effects on workforce and operations.
The Office of Management and Budget (OMB) issued a call Jan. 27 for ideas to help the Federal government modernize its acquisition and supply chain functions.
United Kingdom authorities said today they will allow communications service providers to use in their networks a limited amount of equipment made by “high risk vendors,” and impose restrictions on more extensive use of equipment from those firms.
Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.”
Attacks by nation-state actors and exploits targeting supply chains are among the top cybersecurity concerns of IT officials, according to a CrowdStrike report released on Nov. 19.
The Government Accountability Office recommended in a recent report that the Defense Department (DoD) take steps to ensure that the U.S. Air Force develops a “comprehensive acquisition strategy” for its Space Command and Control (C2) program that aims to deliver better capability to protect U.S. space assets from attacks and collisions with space debris.
The General Services Administration (GSA) today announced the award of its Second Generation Information Technology (2GIT) Blanket Purchase Agreements (BPAs) that have an estimated value of $5.5 billion over five years.
The General Services Administration (GSA) is gathering feedback that it will present to telecom service providers regarding supply chain and other security requirements for 5G wireless services that the Federal government will be acquiring, a GSA official said today at the agency’s 5G Government Symposium event.