Cybersecurity
Cyber Attack

As cyberattacks become ever-increasing, one thing is clear: the United States needs to strengthen its cybersecurity efforts. Federal government and private sector cyber experts sat down to discuss the future of the cyber conflict and how to prevent the next big cyberattack. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence, the Department of Defense and other entities to recognize National Supply Chain Integrity Month and promote a call to action for strengthening global supply chains. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has extended by six months the term of its Information and Communications Technology (ICT) Supply Chain Task Force, which was set up by the agency two years ago as a venue for government and industry to develop consensus strategies to improve ICT supply chain security. […]

security

A new report from the Government Accountability Office (GAO) finds that most large agencies had not implemented any supply chain risk management practices from the National Institute of Standards and Technology (NIST) – publicly acknowledging weaknesses on the heels of the attack on SolarWinds’ software that led to breaches at multiple Federal agencies. […]

supply chain risk management process automation

For the U.S. Army, the mission drives everything. The Army is creating ready, prompt, and sustained warfighters to protect the nation – but two decades into the 21st century, war has evolved and challenged the department to quickly modernize and adapt to a changing landscape. […]

FCC

The Federal Communications Commission said Nov. 19 that it plans to consider a report and order at its Dec. 10 open meeting that would require some telecommunications service providers to remove and replace equipment in their networks that pose “unacceptable risks” to U.S. national security. […]

DoD Pentagon Military

The Cyberspace Solarium Commission, a congressionally-chartered group charged with delivering recommendations to improve U.S. cybersecurity, today issued its latest in a series of white papers on the subject – this time urging the U.S. to take steps to protect critical information and technology (ICT) supply chains from Chinese and other adversarial nations. […]

cybersecurity

The Office of Management and Budget (OMB) released a new interim final rule in today’s Federal Register detailing Federal Acquisition Security Council (FASC) guidelines for managing supply chain risk, and recommending the removal and exclusion of IT and communications that fall below the standard. […]

Assessors for the new cybersecurity standard for contractors of the Department of Defense have not yet been selected, but a Department of Homeland Security official praised DoD’s efforts and said his department is looking toward their example. […]

supply chain

The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions. […]

A new bill introduced by Rep. Morgan Griffith, R-Va., would task the Department of Commerce with conducting a quantum computing study to outline economic benefits of the technology, and identify and mitigate supply chain risks. […]

supply chain

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released two supply chain risk management (SCRM) products on May 6 to help businesses and organizations boost supply chain security. […]

The Telecommunication Industry Association (TIA) says that those involved in developing wireless, Internet of Things, 5G, and other compute-rich networks are at security and economic risk and that the solution is global supply chain security standards and programs that are industry driven. […]

supply chain
Military AI DoD Defense
cybersecurity chip AI

Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.” […]

supply chain risk management process automation

The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved a new working group to develop SCRM frameworks and best practices. […]

DOJ Department of Justice
Department of Commerce

The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security. […]

The Department of Veterans Affairs (VA) is making progress on improving cybersecurity, but with past weaknesses and upcoming modernization efforts, the department needs to address outstanding issues and set a solid security foundation, witnesses testified to the House Veterans Affairs Subcommittee on Technology Modernization on November 14. […]

supply chain risk management process automation
voting, election, election security

The Cybersecurity and Infrastructure Security Agency (CISA) remains highly confident in the agency’s efforts to defend against nation-state cyber threats including those targeting U.S. elections and supply chains, a senior CISA official said today. […]

A bipartisan group of members of the House Energy and Commerce Committee introduced a bill today to provide $1 billion in aid to remove prohibited equipment from the networks of small communications providers and prevent the usage of Federal funds for “any company that poses a national security risk to American communications networks.” […]

supply chain risk management process automation

The National Nuclear Security Administration (NNSA) is not using its authority to exclude suppliers that pose a threat to its supply chain. While the agency is working on drafting recommendations to improve the usefulness of its authorities, it keeps pushing back when it will actually complete the recommendations, according to an August 8 report from GAO. […]

Categories