The Department of Energy (DoE) – with help from industry and the Cybersecurity and Infrastructure Security Agency (CISA – is kicking off a 100-day effort to improve electric infrastructure cybersecurity, the White House and DoE said today. […]
As cyberattacks become ever-increasing, one thing is clear: the United States needs to strengthen its cybersecurity efforts. Federal government and private sector cyber experts sat down to discuss the future of the cyber conflict and how to prevent the next big cyberattack. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence, the Department of Defense and other entities to recognize National Supply Chain Integrity Month and promote a call to action for strengthening global supply chains. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has extended by six months the term of its Information and Communications Technology (ICT) Supply Chain Task Force, which was set up by the agency two years ago as a venue for government and industry to develop consensus strategies to improve ICT supply chain security. […]
A new report from the Government Accountability Office (GAO) finds that most large agencies had not implemented any supply chain risk management practices from the National Institute of Standards and Technology (NIST) – publicly acknowledging weaknesses on the heels of the attack on SolarWinds’ software that led to breaches at multiple Federal agencies. […]
For the U.S. Army, the mission drives everything. The Army is creating ready, prompt, and sustained warfighters to protect the nation – but two decades into the 21st century, war has evolved and challenged the department to quickly modernize and adapt to a changing landscape. […]
The Federal Communications Commission said Nov. 19 that it plans to consider a report and order at its Dec. 10 open meeting that would require some telecommunications service providers to remove and replace equipment in their networks that pose “unacceptable risks” to U.S. national security. […]
Officials from the Pentagon’s Defense Logistics Agency (DLA) said this week that two of their top concerns for further improving supply chain security are getting better end-to-end visibility of supply chains and integrating more threat intelligence into the picture. […]
The Cyberspace Solarium Commission, a congressionally-chartered group charged with delivering recommendations to improve U.S. cybersecurity, today issued its latest in a series of white papers on the subject – this time urging the U.S. to take steps to protect critical information and technology (ICT) supply chains from Chinese and other adversarial nations. […]
The Office of Management and Budget (OMB) released a new interim final rule in today’s Federal Register detailing Federal Acquisition Security Council (FASC) guidelines for managing supply chain risk, and recommending the removal and exclusion of IT and communications that fall below the standard. […]
Assessors for the new cybersecurity standard for contractors of the Department of Defense have not yet been selected, but a Department of Homeland Security official praised DoD’s efforts and said his department is looking toward their example. […]
The Federal government and critical infrastructure owners and operators spend $500 billion annually on information and communications technology (ICT) from thousands of suppliers – small, medium, and large; national and international. Digital transformation and globalization have brought technology advancements and operational efficiencies to Federal agencies. But the increasingly labyrinthine nature of Federal supply chains impacts the security of Federal systems, data, and missions. […]
A new bill introduced by Rep. Morgan Griffith, R-Va., would task the Department of Commerce with conducting a quantum computing study to outline economic benefits of the technology, and identify and mitigate supply chain risks. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released two supply chain risk management (SCRM) products on May 6 to help businesses and organizations boost supply chain security. […]
The Telecommunication Industry Association (TIA) says that those involved in developing wireless, Internet of Things, 5G, and other compute-rich networks are at security and economic risk and that the solution is global supply chain security standards and programs that are industry driven. […]
The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) is seeking vendors and interested collaborators to participate in a supply chain project. […]
The National Defense Industrial Association (NDIA) rated the health of the defense supply chain a “C” on its first annual Vital Signs report, in part because of the defense industrial base’s deteriorating cybersecurity efforts. […]
The National Institute of Standards and Technology (NIST) is seeking public comment on the Feb. 4 draft of its cyber supply chain risk management guidance. […]
Software trade group BSA said the rules proposed under the Securing the Information and Communications Technology and Services Supply Chain executive order may give the Secretary of Commerce “unbounded discretion to review commercial ICT transactions, applying highly subjective criteria in an ad hoc and opaque process that lacks meaningful safeguards for companies.” […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved a new working group to develop SCRM frameworks and best practices. […]
The Department of Justice (DoJ) updated its Policy on the Use of Unmanned Aircraft Systems (UAS), placing an emphasis on cybersecurity and mitigating supply chain risks that may come from drones. […]
The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security. […]
The National Cybersecurity Center of Excellence (NCoE) and National Institute of Standards and Technology (NIST) are seeking comments for a new project to improve supply chain security. […]
Attacks by nation-state actors and exploits targeting supply chains are among top cybersecurity concerns of IT officials, a report by CrowdStrike released on Nov. 19 reported. […]
The Department of Veterans Affairs (VA) is making progress on improving cybersecurity, but with past weaknesses and upcoming modernization efforts, the department needs to address outstanding issues and set a solid security foundation, witnesses testified to the House Veterans Affairs Subcommittee on Technology Modernization on November 14. […]
Officials from the National Institute of Standards and Technology (NIST) and the Department of Defense (DoD) previewed their agencies’ latest efforts on supply chain security guidelines at the CyberCon 2019 conference today. […]
The Cybersecurity and Infrastructure Security Agency (CISA) remains highly confident in the agency’s efforts to defend against nation-state cyber threats including those targeting U.S. elections and supply chains, a senior CISA official said today. […]
A bipartisan group of members of the House Energy and Commerce Committee introduced a bill today to provide $1 billion in aid to remove prohibited equipment from the networks of small communications providers and prevent the usage of Federal funds for “any company that poses a national security risk to American communications networks.” […]
Federal and Defense officials spoke at today’s Billington Cybersecurity Summit about procurement cybersecurity challenges they face and the initiatives they’ve launched to combat those hurdles by shifting toward a “security first” approach to acquisition and supply chain management. […]
The National Nuclear Security Administration (NNSA) is not using its authority to exclude suppliers that pose a threat to its supply chain. While the agency is working on drafting recommendations to improve the usefulness of its authorities, it keeps pushing back when it will actually complete the recommendations, according to an August 8 report from GAO. […]