Federal cyber leaders and government agencies are pushing forward with Supply Chain Risk Management (SCRM) and Cybersecurity Supply Chain Risk Management (C-SCRM) initiatives to address vulnerabilities and prevent further incidents from compromising critical systems.
Federal officials elaborated on existing guidance and initiatives to help Federal agencies and their industry partners combat these threats during a virtual summit hosted by FCW on October 20.
More than ever, organizations are concerned about the risks associated with products and services that may contain potentially malicious functionality, be counterfeit, or be vulnerable due to poor manufacturing and development practices within the cyber supply chain.
“These risks can decrease an enterprise’s visibility into and understanding of how the technology that they acquire is developed, integrated, and deployed,” Jon Boyens, deputy chief for the Computer Security Division at the National Institute of Standards and Technology (NIST), said at the summit. “They can also affect and be affected by the processes, procedures, and practices used to ensure the security, resilience, reliability, safety, integrity, and…
