Federal government officials suggested this week that quick action, plus a lot of collaboration, can help agencies boost their supply chain risk management (SCRM) efforts.
Federal agency officials said that having the rights tool, and a workforce culture tuned into security, are key elements in making gains on cybersecurity-supply chain risk management (C-SCRM).
Google released a new research report on Dec. 8 outlining how organizations can better defend themselves against cyberattacks that target their software supply chains. The report follows up on supply chain security concerns brought to light by exploits such as the SolarWinds software supply chain attack, and efforts to guard against Log4j vulnerabilities. “We believe […]
Federal government and private sector officials said at a Nov. 8 ATARC event that government agencies have made notable progress in implementing the Biden administration’s May 2021 cybersecurity executive order, but that the government has still has a long way to go to reach the order’s full potential.
Government and private sector experts discussed the extent to which zero trust cybersecurity principles ought to be applied to the larger problem of achieving better supply chain security at an Oct. 26 event organized by the Atlantic Council.
The Chips and Science Act approved by the House and Senate last week – and expected to be signed by President Biden next week – has generated a lot of headline news on the chips side of the legislation, including $52 billion of government funding to incentivize semiconductor makers to build new plants in the United States.
President Biden on June 16 signed into law the Supply Chain Security Training Act, which requires the General Services Administration (GSA) to develop a training program for officials with supply chain risk management responsibilities at Federal agencies.
In today’s edition of Countdown to MerITocracy, we’re taking a look at what may change for the better in the near-term U.S. outlook – how about having the government help recreate the U.S. semiconductor sector that mostly drifted overseas a generation ago – plus billions in Federal R&D funding that stands ready to be put to work in pending legislation in Congress. That money would flow through the National Science Foundation – whose director Dr. Sethuraman Panchanathan is a featured speaker at MerITocracy.
Reps. Anna G. Eshoo, D-Calif., and Blake Moore, R-Utah, have introduced legislation to bolster the production of U.S.-made printed circuit boards (PCB) and to strengthen related supply chain security.
Historically, Federal agencies have been instructed to be secretive on cyber matters, but a key step in fortifying the software supply chain is clear and constant information sharing, according to Jeanette McMillian, the assistant director for Supply Chain and Cyber at the National Counterintelligence and Security Center.
The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI) to promote a call to action for organizations to focus on protecting information and communications technology (ICT) supply chains, under the banner “Fortify the Chain.”
Senate leadership is making the legislative moves necessary to begin work in earnest on reconciling two different versions of innovation and competition legislation that features billions of funding to boost domestic semiconductor production and create a new technology directorate at the National Science Foundation (NSF).
A bipartisan group of 147 senators and House members have signed onto a letter to leadership in both chambers calling for quick action to approve the Creating Helpful Incentives for the Production of Semiconductors (CHIPS) for America Act, which would provide $52 billion in funding to help revitalize U.S.-based semiconductor manufacturing.
President Biden in his March 1 State of the Union pleaded with members of Congress to complete work on reconciling two bills that would fund the CHIPS Act to support domestic semiconductor manufacturing, provide funding to the National Science Foundation (NSF) for a new technology directorate, and direct billions of new money to improve supply chain resiliency.
The Department of Defense (DoD) is seeking information from the microelectronics (ME) research and development (R&D) community to help establish a public-private partnership to aid in domestic production of ME-related technologies, according to a request for information (RFI) posted to SAM.gov Feb. 24.
The House of Representatives passed the America Creating Opportunities for Manufacturing, Pre-Eminence in Technology and Economic Strength Act of 2022 (COMPETES) today by a 220-210 vote.
The House Oversight and Reform Committee voted on Feb. 2 to approve the Supply Chain Security Training Act. The committee’s approval of the bill sends it to the full House of Representatives for consideration.
The House of Representatives is set to begin floor debate on Wednesday on its own version of innovation and competition legislation that may pair up with the Senate’s existing United States Innovation and Competition Act (USICA).
The Telecommunications Industry Association (TIA) released the first-ever supply chain security standard (SCS 9001), developed specifically to aid the information and communications technology (ICT) industry.
The Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force has met for the first time this calendar year, and designated work on a software bill of materials (SBOM) as one of its primary priorities for 2022, according to a Jan. 11 press release.
Despite a proclamation over the weekend from Sen. Joe Manchin, D-W.V., that he was a “no” on the existing version of Build Back Better Act legislation, Senate Majority Leader Chuck Schumer, D-N.Y., said in a Dear Colleague letter today that he plans to keep working on the reconciliation legislation until they “get something done.”
Despite concerted efforts to get Democrats’ $1.75 trillion-plus Build Back Better Act passed before the end of the month, the timeline for Senate consideration of the budget reconciliation bill is effectively sliding into 2022.
President Biden’s December 8 executive order on steps the Federal government will take to reduce carbon emissions across the government features provisions that direct Federal agencies to evaluate supply chain sustainability and supplier emissions as part of that larger effort.
The Department of Commerce is proposing new safety criteria for connected software to help better secure information and communications technology and services (ICTS) supply chains, including potential third-party audits of connected software and ICTS transactions, according to a proposed rule posted to the Federal Register Nov. 26.
With the House consideration of the Build Back Better Act (BBBA) – Democrats’ $1.75 trillion-plus budget reconciliation bill – pushed to this week, Senate Majority Leader Chuck Schumer, D-N.Y., said that the Senate will begin consideration of the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) this week.
The Department of Transportation has been tasked with seeking private sector input to create standardized data exchange requirements for goods movement in the transportation supply chain, according to a White House announcement of administration plans to fund ports and waterways improvements aimed at improving supply chain resiliency.
The Department of Commerce’s Bureau of Industry and Security (BIS) is fielding responses to its request for comment (RFC) on risks confronting the information communication technology (ICT) supply chains.
There are many facets to Supply Chain Risk Management (SCRM), from building trust with vendors and users to assessing manufacturing specs. During a virtual summit hosted by FCW on Oct. 20, current and former officials from NASA explained the must-have factors in the agency’s SCRM to decide what products are safe to use for applications.
Federal cyber leaders and government agencies are pushing forward with Supply Chain Risk Management (SCRM) and Cybersecurity Supply Chain Risk Management (C-SCRM) initiatives to address vulnerabilities and prevent further incidents from compromising critical systems.
Bipartisan legislation was introduced in the House last week to boost U.S. supply chains and foster domestic manufacturing of “critical goods” by creating a Supply Chain Resiliency and Crisis Response Office in the Department of Commerce.