Even for the intelligence community, risk management is not an easy task.
The National Geospatial Intelligence Agency is trying to get its arms around supply chain risk.
The National Reconnaissance Office is focused on implementing the risk management framework.
Both agencies are in the middle of expanding and maturing their approaches to cybersecurity.
Chris Brown, the deputy CISO at NGA, said the goal is to “catch up quickly” in bringing in supply chain risk management processes and tools.
He said there may not be a big pot of money right now, but there are things NGA can do across mission and support functions to address this growing concern.
And with April being supply chain integrity month, the intelligence community is putting a special emphasis on reducing the threat.
In February, the National Counterintelligence and Security Center issued the National Counterintelligence Strategy of the United States of America, 2020-2022, which listed reducing the threats to the supply chain as one of five key objectives.
The strategy highlights three steps the government will take over the next three years, including integrating supply chain risk management…