2019 Cyber Security Brainstorm - Wrangling Today’s CI Challenges

Assessors for the new cybersecurity standard for contractors of the Department of Defense have not yet been selected, but a Department of Homeland Security official praised DoD’s efforts and said his department is looking toward their example. […]

The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions.






[…]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released two supply chain risk management (SCRM) products on May 6 to help businesses and organizations boost supply chain security.






[…]

The Telecommunication Industry Association (TIA) says that those involved in developing wireless, Internet of Things, 5G, and other compute-rich networks are at security and economic risk and that the solution is global supply chain security standards and programs that are industry driven.






[…]

Military AI DoD Defense
cybersecurity chip AI

Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.”






[…]

supply chain risk management process automation

The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved a new working group to develop SCRM frameworks and best practices.






[…]

DOJ Department of Justice

The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security.






[…]

The Department of Veterans Affairs (VA) is making progress on improving cybersecurity, but with past weaknesses and upcoming modernization efforts, the department needs to address outstanding issues and set a solid security foundation, witnesses testified to the House Veterans Affairs Subcommittee on Technology Modernization on November 14.






[…]

supply chain risk management process automation
voting, election, election security

A bipartisan group of members of the House Energy and Commerce Committee introduced a bill today to provide $1 billion in aid to remove prohibited equipment from the networks of small communications providers and prevent the usage of Federal funds for “any company that poses a national security risk to American communications networks.”






[…]

supply chain risk management process automation

The National Nuclear Security Administration (NNSA) is not using its authority to exclude suppliers that pose a threat to its supply chain. While the agency is working on drafting recommendations to improve the usefulness of its authorities, it keeps pushing back when it will actually complete the recommendations, according to an August 8 report from GAO.






[…]

Categories