A new bill introduced by Rep. Morgan Griffith, R-Va., would task the Department of Commerce with conducting a quantum computing study to outline economic benefits of the technology, and identify and mitigate supply chain risks. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released two supply chain risk management (SCRM) products on May 6 to help businesses and organizations boost supply chain security. […]
The Defense Department (DoD) said today that coronavirus-related concerns have closed about one percent of the companies that it considers “prime” in the defense industrial base (DIB), and that DoD is working to help affected companies to reopen. […]
The Cybersecurity and Infrastructure Security Agency (CISA) late last week issued a practical checklist to help executives “think through” infrastructure protection, supply chain, and cybersecurity issues in light of the COVID-19 coronavirus, and potential effects to workforce and operations. […]
The Office of Management and Budget (OMB) issued a call Jan. 27 for ideas to help the Federal government modernize its acquisition and supply chain functions. […]
The National Institute of Standards and Technology (NIST) is seeking input from stakeholders on an update to NIST Special Publication (SP) 800-161: Supply Chain Risk Management Practices for Federal Information Systems and Organizations. […]
The National Institute of Standards and Technology (NIST) is seeking public comment on the Feb. 4 draft of its cyber supply chain risk management guidance. […]
United Kingdom authorities said today they will allow communications service providers to use in their networks a limited amount of equipment made by “high risk vendors,” and impose restrictions on more extensive use of equipment from those firms. […]
Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.” […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved a new working group to develop SCRM frameworks and best practices. […]
The National Cybersecurity Center of Excellence (NCoE) and National Institute of Standards and Technology (NIST) are seeking comments for a new project to improve supply chain security. […]
Attacks by nation-state actors and exploits targeting supply chains are among top cybersecurity concerns of IT officials, a report by CrowdStrike released on Nov. 19 reported. […]
The Government Accountability Office recommended in a recent report that the Defense Department (DoD) take steps to ensure that the U.S. Air Force develops a “comprehensive acquisition strategy” for its Space Command and Control (C2) program that aims to deliver better capability to protect U.S. space assets from attacks and collisions with space debris. […]
The General Services Administration (GSA) today announced the award of its Second Generation Information Technology (2GIT) Blanket Purchase Agreements (BPAs) that have an estimated value of $5.5 billion over five years. […]
The General Services Administration (GSA) is gathering feedback that it will present to telecom service providers regarding supply chain and other security requirements for 5G wireless services that the Federal government will be acquiring, a GSA official said today at the agency’s 5G Government Symposium event. […]
The Cybersecurity and Infrastructure Security Agency (CISA) remains highly confident in the agency’s efforts to defend against nation-state cyber threats including those targeting U.S. elections and supply chains, a senior CISA official said today. […]
A bipartisan group of members of the House Energy and Commerce Committee introduced a bill today to provide $1 billion in aid to remove prohibited equipment from the networks of small communications providers and prevent the usage of Federal funds for “any company that poses a national security risk to American communications networks.” […]
The U.S. Department of Homeland Security’s (DHS Cybersecurity and Infrastructure Security Agency (CISA) released the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force’s first interim report, which details the groups’ progress since its formation. […]
Federal and Defense officials spoke at today’s Billington Cybersecurity Summit about procurement cybersecurity challenges they face and the initiatives they’ve launched to combat those hurdles by shifting toward a “security first” approach to acquisition and supply chain management. […]
The Department of Veterans Affairs (VA) and Defense Department’s (DoD) Defense Logistics Agency (DLA) announced that they began a strategic partnership Aug. 12 to aid the VA in its supply chain management modernization efforts. […]
The National Nuclear Security Administration (NNSA) is not using its authority to exclude suppliers that pose a threat to its supply chain. While the agency is working on drafting recommendations to improve the usefulness of its authorities, it keeps pushing back when it will actually complete the recommendations, according to an August 8 report from GAO. […]
The Federal Acquisition Regulation will ban agencies from procuring equipment from five Chinese companies, including Huawei and ZTE, starting August 13, according to an interim rule published August 7. […]
Risk management in the modern age is largely about cyber hygiene, said Wanda Jones-Heath, Chief Information Security Officer (CISO) for the U.S. Air Force’s Office of the Deputy CIO, today. […]
The Acting Director of the Office of Management and Budget (OMB) Russell Vought wrote a letter to Vice President Mike Pence, House Speaker Nancy Pelosi, D-Calif., and eight other members of Congress asking for a two-year delay of a ban that prohibits U.S. government contractors from doing business with Chinese-telecommunications company Huawei, in an effort to give companies more time to comply with the legislation. […]
China-based network equipment maker Huawei filed a motion for summary judgement in ongoing litigation with the U.S. government in the U.S. District Court for the Eastern District of Texas challenging the constitutionality of Section 889 of the 2019 National Defense Authorization Act (NDAA) under which the Federal government is barred from buying Huawei equipment and services. […]
For the Cybersecurity Infrastructure Security Agency (CISA) within the Department of Homeland Security (DHS) and General Services Administration (GSA), acquisition of new technologies and methodologies requires making sure that all the right processes and controls are in place. […]
Over the past couple of years, the Department of Homeland Security’s (DHS) Critical Infrastructure and Security Agency (CISA) has been asking itself several questions to increase cross-agency governance for cybersecurity and supply chain management. […]
The Department of Veteran Affairs’ (VA’s) Veterans Benefits Administration (VBA) failure to modify its electronic systems to fully support the Forever GI Bill hampered efforts to implement the law early in the process and continue to the present day, according to a VA Office of the Inspector General (OIG) report released today. […]
Officials from various Federal agencies are focusing on data-driven approaches, utilizing blockchain, and business-focused functions to brace for a digital future. […]
Software-maker trade group BSA sent a letter to leaders of the House and Senate Armed Services Committees on Thursday urging modernization of the Department of Defense’s (DoD) supply chain security and software acquisition approach in the FY 2020 National Defense Authorization Act. […]