The Commerce Department, through NIST, has launched an effort to enhance the security and integrity of the technology supply chain. The process aims to improve the way cybersecurity risks are managed as they relate to supply chains.
- Tony Scott, former federal chief information officer, said the federal cyber community needs to focus on management best practices, governance issues, decision making and the role of government versus the private sector in cybersecurity.
- Increasing security in the technology supply chain will require raising awareness in government about the size and gravity of the issue, which he said the Biden administration is doing a good job on.
- Scott said a major risk to the supply chain are the ongoing activities after the initial technology setup, such as software updates, hardware changes and operational maintenance.