The Cybersecurity and Infrastructure Security Agency (CISA) has given its Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force another two-year term to continue its work on creating solutions for managing global ICT supply chain risk.

The task force was first created in late 2018, and was last extended in 2021. The organization is chaired by CISA’s National Risk Management Center (NRMC) and the Information Technology and Communications Sector Coordinating Councils, and includes government and private sector organizations.

In announcing the extension, CISA said the task force will continue current work on developing a software assurance buyers guide, along with efforts by the task force’s AI working group to find ways that the technology can be used to mitigate threats to ICT SCRM processes.

“In the next two years, through January 2026, the Task Force will continue to explore means for building and strengthening partnerships with stakeholders who can help grow the applicability and utilization of Task Force products, tools, and resources to better manage risks facing the ICT supply chain,” CISA said.

“With the interconnectedness between the sectors and the scale of supply chain risks faced by both government and industry, private-public coordination is essential to enhance ICT supply chain resilience,” the agency said.

The task force’s work products last year included a small and medium-sized business resource hand book featuring the most critical supply chain risk categories for ICT businesses, and a hardware bill of materials framework for supply chain risk management.

“The work of the Task Force has been invaluable in mitigating supply chain risks within the ICT supply chain,” said Mona Harrington, assistant director of CISA’s NRMC and co-chair of the ICT Task Force. “Renewing the charter ensures that the Task Force can continue to apply its subject matter expertise in identifying solutions and mitigations to the significant ICT supply chain risks and threats facing our Nation.”

Read More About
About
John Curran
John Curran
John Curran is MeriTalk's Managing Editor covering the intersection of government and technology.
Tags