Supply Chain

Federal Agencies Likely to Get New Cybersecurity Guidance ‘In Coming Weeks’

New top-level guidance—and requirements—are coming for managing software security risk at federal agencies.

NIST’s Supply-Chain Security Guidance Tells Agencies: Look to FedRAMP First

The agency has spent years revising guidance for organizations to address vulnerabilities presented by vendors of software and other enterprise suppliers.

Cybersecurity Pros Signal Regulatory Challenge for Securing Industrial Control Systems

A studious adversary may be hellbent on destruction, and a comprehensive approach is needed to successfully govern the protection of critical infrastructure, specialists say.

Energy to Fund Development of Climate-Friendly Grid Security and Resilience

The effort reflects a commitment to clean energy while aiming to mitigate supply-chain threats.

NatSec Experts to Congress: Pass Legislation to Boost Domestic Semiconductor Production

The Bipartisan Innovation Act would inject tens of billions into domestic semiconductor production.

CISA Director Details Growing Threat to Maritime Transportation Sector

Cybersecurity professionals are noting the possibility of Russia reprising a watershed attack on the shipping industry to hit back against the U.S. economy.

White House Unveils New Supply Chain Data Sharing Pilot

Helmed by the Department of Transportation, FLOW will work to improve consumers’ access to goods through streamlining shipping and delivery operations.

CISA Replaces Chair of Supply-Chain Risk Management Task Force on Network Tech

Bob Kolasky is leaving government for the private sector, after leading the public-private task force alongside executives from trade associations of the largest critical software and networking gear providers.

White House Reminds Agencies to Adopt NIST's Software Supply Chain Security Framework

The Office of Management and Budget pressed federal agencies on a deadline to adopt the software supply chain best practices as directed under last year's White House cybersecurity executive order.

Supply Chain Security Training and FISMA Overhaul Bills Clear House Committee

The committee chair highlighted a need for incident reporting and other requirements for federal contractors.

AT&T Completes First 5G Demonstration for ‘Smart Warehouse’ Effort

The work continues to unfold, even in the face of supply chain strains.

Air Force Doubles Down on Tech to Stay On Top of Supply Chain Demands

Officials recently shed light on a system that explores “what-ifs” connected to needed assets.

Biden Admin Touts ‘Significant Progress’ in Made in America Office's First Year

The office’s purpose is to coordinate federal efforts and maximize the use of domestic goods by taxpayer-funded federal agencies when appropriate.

Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence

Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.

3 Strategies for Securing the Supply Chain, Security’s Weakest Link

Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning this week urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.