President Biden’s December 8 executive order on steps the Federal government will take to reduce carbon emissions across the government features provisions that direct Federal agencies to evaluate supply chain sustainability and supplier emissions as part of that larger effort. […]

The Department of Commerce is proposing new safety criteria for connected software to help better secure information and communications technology and services (ICTS) supply chains, including potential third-party audits of connected software and ICTS transactions, according to a proposed rule posted to the Federal Register Nov. 26. […]

With the House consideration of the Build Back Better Act (BBBA) – Democrats’ $1.75 trillion-plus budget reconciliation bill – pushed to this week, Senate Majority Leader Chuck Schumer, D-N.Y., said that the Senate will begin consideration of the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) this week. […]

The Department of Transportation has been tasked with seeking private sector input to create standardized data exchange requirements for goods movement in the transportation supply chain, according to a White House announcement of administration plans to fund ports and waterways improvements aimed at improving supply chain resiliency. […]

The Department of Commerce’s Bureau of Industry and Security (BIS) is fielding responses to its request for comment (RFC) on risks confronting  the information communication technology (ICT) supply chains. […]

There are many facets to Supply Chain Risk Management (SCRM), from building trust with vendors and users to assessing manufacturing specs. During a virtual summit hosted by FCW on Oct. 20, current and former officials from NASA explained the must-have factors in the agency’s SCRM to decide what products are safe to use for applications. […]

Federal cyber leaders and government agencies are pushing forward with Supply Chain Risk Management (SCRM) and Cybersecurity Supply Chain Risk Management (C-SCRM) initiatives to address vulnerabilities and prevent further incidents from compromising critical systems. […]

Bipartisan legislation was introduced in the House last week to boost U.S. supply chains and foster domestic manufacturing of “critical goods” by creating a Supply Chain Resiliency and Crisis Response Office in the Department of Commerce. […]

The Department of Commerce’s (DoC) Bureau of Industry and Security published a request for comments to gain feedback on what should be included in a report on supply chains for critical sectors and subsectors of the information and communications technology (ICT) industrial base. […]

Sen. Gary Peters, D-Mich., chairman of the Committee on Homeland Security and Governmental Affairs, said on Sept. 15 that the United States’ supply chains are not resilient, and strengthening those supply chains is going to be critical for U.S. competitiveness going forward. […]

The House Energy and Commerce Committee was still in the process late Monday of marking up its portion of the $3.5 trillion budget reconciliation bill working its way through the House, but at our deadline was making a big splash with $10 billion of proposed funding for supply chain security. […]

On August 2, the Cybersecurity and Infrastructure Security Agency (CISA) announced that it would be extending the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force to July 31, 2023. […]

Senate-approved legislation that would boost Federal funding for U.S.-based semiconductor manufacturing and provide the National Science Foundation (NSF) with another $52 billion over five years for research initiatives received strong endorsements from private sector witnesses at a July 15 Senate Commerce, Science, and Transportation Committee hearing. […]

The Endless Frontier bill championed by Senate Majority Leader Chuck Schumer, D-N.Y., and set for Senate floor debate over the next several days has grown by leaps and bounds this week with the addition of semiconductor manufacturing and cybersecurity components and has even gotten a new name – the U.S. Innovation and Competition Act of 2021. […]

The Federal government is curtailing its “surge” response to the SolarWinds Orion and Microsoft Exchange hacks after seeing improvements in patching that have helped to remediate the impacts of the cyber attacks, the Biden administration said today. […]

A group of communications technology trade groups urged Homeland Security Secretary Alejandro Mayorkas and Commerce Secretary Gina Raimondo in an April 12 letter to stick by what they called the Federal government’s “longstanding commitment” to use industry-led standards and best practices to deal with cybersecurity and supply chain security issues facing the information communications technology (ICT) sector. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence, the Department of Defense and other entities to recognize National Supply Chain Integrity Month and promote a call to action for strengthening global supply chains. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has released supplemental directions to help agencies root out and mitigate vulnerabilities in their Microsoft Exchange on-premises products. […]

The ongoing “Sunburst” cyber-espionage campaign that resulted in the SolarWinds Orion and Microsoft Exchange breaches represents a strategic failure by the U.S., rather than simple IT inadequacy, according to a report by the Atlantic Council. […]

The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) said it is rolling out three new research programs aimed at energy supply chain security, protecting infrastructure from electromagnetic (EMP) interference, and cybersecurity education. […]

In a press release, IBM announced that it would be working with companies from the Defense Industrial Base (DIB), Electronic Design Automation (EDA) suppliers, Non-Traditional Defense Contractors (NTDC), and academic partners to develop state-of-the-art (SOTA) microelectronics for Defense Department (DoD) use. […]

In the wake of the recent SolarWinds and Microsoft Exchange hacks, the Cybersecurity and Infrastructure Security Agency (CISA) is emphasizing the need to shore up supply chain integrity, adopt a zero trust security concepts mindset, and direct more resources to best address vulnerabilities. […]

The House Armed Services Committee is standing up an acquisition task force that will examine supply chain threats and vulnerabilities. […]

The secretaries of Homeland Security and Commerce will work together on the one-year review of information and communications technology (ICT) industrial base supply chains ordered by President Biden earlier this week. […]

An executive order to be signed by President Biden today will order Federal agencies to conduct year-long reviews of their supply chain and industrial base risks, with the defense industrial base (DIB) and information and communications technology (ICT) industrial base among six key sectors identified in the order. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has extended by six months the term of its Information and Communications Technology (ICT) Supply Chain Task Force, which was set up by the agency two years ago as a venue for government and industry to develop consensus strategies to improve ICT supply chain security. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released the annual report for the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force on Dec. 17 which highlights ongoing efforts of five working groups addressing challenges related to information sharing, threat analysis, qualified bidder and qualified manufacturers lists, vendor assurance, and the COVID-19 pandemic. […]

With the Federal government placing more and more emphasis on supply chain security, harmonizing various efforts to reduce confusion is an important step towards better regulation, said Grant Schneider, former Federal CISO, and now senior director of cybersecurity services at Venable. […]

As state and local leaders continue to grapple with the COVID-19 pandemic, the Cybersecurity and Infrastructure Security Agency (CISA) released an update to its Essential Critical Infrastructure Workers Guidance. Version 4.0, released today, provides guidance for jurisdictions and critical infrastructure owners to ensure that essential workers can work safely while supporting ongoing infrastructure operations across the nation.   […]

The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions. […]