Many vendors lack transparency into their own supply chains. So how can vendors – as well as their government customers — be assured that their sub-tier suppliers do not pose threats or vulnerabilities?
Get Started for FREE
Sign up with Facebook Sign up with X
I don't have a Facebook or a X account
Your new post is loading...
Your new post is loading...
|
Understanding supplier ownership and the threats posed by adversaries to infiltrate and influence critical technologies, infrastructure, and data is a pervasive concern across government. In the attached article by Erik Erkwurzel, he addresses several aspects of supply chain transparency as well as DoD's Cybersecurity Maturity Model Certification or CMMC in the context of risk and investment security.
Erik's article is consistent with several actions outlined in the National Counterintelligence Strategy of the US (2020-2022). One of the major objectives is "reduce threats to key US supply chains". The strategy outlines the following actions to meet the objective:
new processes to identify suspect or high risk vendors, products, software and services that pose a risk to our economic and national security.
industry best practices into the operations of the federal government to safeguard the technology and services that are procured and deployed. We will create a supply chain risk assessment shared repository, address deficiencies in the federal acquisition process, and seek more streamlined authorities to exclude high risk vendors.