The Federal Communications Commission said Nov. 19 that it plans to consider a report and order at its Dec. 10 open meeting that would require some telecommunications service providers to remove and replace equipment in their networks that pose “unacceptable risks” to U.S. national security. […]
Officials from the Pentagon’s Defense Logistics Agency (DLA) said this week that two of their top concerns for further improving supply chain security are getting better end-to-end visibility of supply chains and integrating more threat intelligence into the picture. […]
The Cyberspace Solarium Commission, a congressionally-chartered group charged with delivering recommendations to improve U.S. cybersecurity, today issued its latest in a series of white papers on the subject – this time urging the U.S. to take steps to protect critical information and technology (ICT) supply chains from Chinese and other adversarial nations. […]
The Office of Management and Budget (OMB) released a new interim final rule in today’s Federal Register detailing Federal Acquisition Security Council (FASC) guidelines for managing supply chain risk, and recommending the removal and exclusion of IT and communications that fall below the standard. […]
Assessors for the new cybersecurity standard for contractors of the Department of Defense have not yet been selected, but a Department of Homeland Security official praised DoD’s efforts and said his department is looking toward their example. […]
The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions. […]
A new bill introduced by Rep. Morgan Griffith, R-Va., would task the Department of Commerce with conducting a quantum computing study to outline economic benefits of the technology, and identify and mitigate supply chain risks. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released two supply chain risk management (SCRM) products on May 6 to help businesses and organizations boost supply chain security. […]
The Telecommunication Industry Association (TIA) says that those involved in developing wireless, Internet of Things, 5G, and other compute-rich networks are at security and economic risk and that the solution is global supply chain security standards and programs that are industry driven. […]
The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) is seeking vendors and interested collaborators to participate in a supply chain project. […]
The National Defense Industrial Association (NDIA) rated the health of the defense supply chain a “C” on its first annual Vital Signs report, in part because of the defense industrial base’s deteriorating cybersecurity efforts. […]
The National Institute of Standards and Technology (NIST) is seeking public comment on the Feb. 4 draft of its cyber supply chain risk management guidance. […]
Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.” […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved a new working group to develop SCRM frameworks and best practices. […]
The Department of Justice (DoJ) updated its Policy on the Use of Unmanned Aircraft Systems (UAS), placing an emphasis on cybersecurity and mitigating supply chain risks that may come from drones. […]
The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security. […]
The National Cybersecurity Center of Excellence (NCoE) and National Institute of Standards and Technology (NIST) are seeking comments for a new project to improve supply chain security. […]
Attacks by nation-state actors and exploits targeting supply chains are among top cybersecurity concerns of IT officials, a report by CrowdStrike released on Nov. 19 reported. […]
The Department of Veterans Affairs (VA) is making progress on improving cybersecurity, but with past weaknesses and upcoming modernization efforts, the department needs to address outstanding issues and set a solid security foundation, witnesses testified to the House Veterans Affairs Subcommittee on Technology Modernization on November 14. […]
Officials from the National Institute of Standards and Technology (NIST) and the Department of Defense (DoD) previewed their agencies’ latest efforts on supply chain security guidelines at the CyberCon 2019 conference today. […]
The Cybersecurity and Infrastructure Security Agency (CISA) remains highly confident in the agency’s efforts to defend against nation-state cyber threats including those targeting U.S. elections and supply chains, a senior CISA official said today. […]
A bipartisan group of members of the House Energy and Commerce Committee introduced a bill today to provide $1 billion in aid to remove prohibited equipment from the networks of small communications providers and prevent the usage of Federal funds for “any company that poses a national security risk to American communications networks.” […]
Federal and Defense officials spoke at today’s Billington Cybersecurity Summit about procurement cybersecurity challenges they face and the initiatives they’ve launched to combat those hurdles by shifting toward a “security first” approach to acquisition and supply chain management. […]
The National Nuclear Security Administration (NNSA) is not using its authority to exclude suppliers that pose a threat to its supply chain. While the agency is working on drafting recommendations to improve the usefulness of its authorities, it keeps pushing back when it will actually complete the recommendations, according to an August 8 report from GAO. […]
The Federal Acquisition Regulation will ban agencies from procuring equipment from five Chinese companies, including Huawei and ZTE, starting August 13, according to an interim rule published August 7. […]
Officials from the Defense Department (DoD) highlighted supply chain and workforce and culture issues as two significant problems the agency faces in maintaining strong cybersecurity, during a panel discussion at FCW’s Cybersecurity Summit. […]
Risk management in the modern age is largely about cyber hygiene, said Wanda Jones-Heath, Chief Information Security Officer (CISO) for the U.S. Air Force’s Office of the Deputy CIO, today. […]
In welcoming the start of April, also known as Supply Chain Integrity Month, the Cybersecurity and Infrastructure Security Agency (CISA), Office of the Director of National Intelligence, and Defense Department are collaborating to promote supply chain security and risk management policies and practices. CISA, which is a component of the Department of Homeland Security, said […]
Officials from various Federal agencies are focusing on data-driven approaches, utilizing blockchain, and business-focused functions to brace for a digital future. […]
The Government Accountability Office, in a two-year update to its “High-Risk List” issued today, has removed Department of Defense (DoD) supply chain management from its list of 35 pressing Federal government issues, citing progress by the Pentagon on addressing supply chain risk. […]