Supply Chain

Counter Intelligence Chief Calls for Zero-Trust Software Supply Chain Policy

The official also said there’s a need for the fusion of responsibilities assigned to a trilogy of government agencies.

GSA to Remove Almost All Drones from Contract Offerings Over China Concerns

By Feb. 1, all but five unmanned aerial vehicles will be removed from the General Services Administration’s offerings.

GSA Introduces Vendor Risk Assessment Program in Draft Solicitation

The SolarWinds hack seems to be breathing new life into the supply chain security effort.

Russia ‘Likely’ Behind Widespread Hack, Cyber Response Agencies Say

The Cyber Unified Coordination Group believes fewer than ten government agencies were compromised in what is an ongoing intelligence operation.

CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program

The Defense Department’s main effort to protect its supply chain from cyber threats charged ahead through the pandemic but not without controversy.  

Next-Generation Program Protection: The Next Federal Cybersecurity Challenge

As the government aims to buy more innovative products, we must make critical advancements in program protection. 

Hack Spurs Call for Greater—but Measured—Supply Chain Scrutiny 

Operational cybersecurity hygiene is one thing, criteria for using open-source code is another, one expert says. 

Former Presidential Adviser Advocates Tougher Software Vendor Standards After Breach

The environment where updates for the company’s software were developed was reportedly protected by a password anyone could guess.

Biden Disputes Trump’s Claim that Hack is Under Control

The president-elect called for an official attribution to Russia but said a damage assessment is necessary before discussing the appropriate response.

Amid Massive Hack, Lawmakers Urge Trump to Sign Defense Bill with New Cybersecurity Legislation

As the government scrambles to understand the widening compromise, legislation to shore up the nation’s cyber defenses sits unsigned on the President’s desk.

House Committees Launch Investigation into Alleged Russian Hack of Federal Agencies

President-elect Joe Biden also promised to elevate cybersecurity “as an imperative” across government.

CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks

The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.

GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management

The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices. 

Pentagon Preps for First CMMC Pilots in 2021

The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.