DHS supply-chain task force lays basis for critical cyber policy decisions
The Department of Homeland Security's task force on supply-chain security is laying the basis for essential cybersecurity policy decisions by government and industry. The DHS task force – including industry leaders from telecom and IT – is leading the charge on public-private-initiatives in response to foreign and other threats to emerging technologies such as next-generation 5G networks and the Internet of Things, affecting all major industry sectors and government purchasing decisions.
This package of background reading from Inside Cybersecurity was intended as preparation for a June 6 webinar co-hosted with USTelecom – and was made available to all registered participants. It includes articles addressing recent supply-chain security developments such as President Trump's executive order calling for regulations on banning U.S. tech purchases from foreign adversaries, DHS task force “work streams,” and reactions and perspectives from legal thinkers and policy leaders to the overall U.S. effort for protecting nation's supply chain.
CISA Director Christopher Krebs says supply-chain security will come to dominate his agency's agenda within the next few years, describing it almost as a flip-flop in priorities with cybersecurity.
Jeanette Manfra, assistant director for cybersecurity at DHS, says a government-industry task force for securing the telecommunications supply chain formed last year will be central to the department's role under a recent Trump executive order targeting foreign threats.
White House official: NTIA will helm executive order on Information and Communications Technology supply chain
The National Telecommunications and Information Administration will play the lead role in deciding which entities present “unmitigatable” risks to the supply chain for information and communications technology and should be flagged for national security, in line with the new executive order banning the import of such products and services, according to a senior White House official.
A supply-chain risk management approach developed by NASA is being considered as a model for a Department of Homeland Security task force working on cybersecurity recommendations for the telecommunications system, according to government and industry officials.
The Department of Homeland Security's task force on securing the communications and information technology supply chain has drafted guidelines for purchasing products from “trusted and approved” vendors, according to officials at a MITRE Corp. meeting on Thursday.
The Department of Homeland Security is tasked with conducting an extensive vulnerability assessment of the nation's telecommunications system within the next few months, under a recent Trump executive order seen as targeting China and tech giant Huawei for exclusion from the build-out of next-generation 5G networks.
President Trump signed an executive order today that requires the Department of Commerce to write regulations to bar purchases and imports of communications technology and services from foreign adversaries, a move that comes amid heightened concern about China's influence in development of next-generation 5G networks.
Kiersten Todt, executive director of the national cybersecurity commission in 2016, says the 5G-centered executive order on supply-chain security focuses on only a piece of the bigger issue, which requires a global response involving tight collaboration between the U.S. and “like-minded economic powers.”
The newly established Federal Acquisition Security Council is just beginning its work with the development of a “charter” and strategy for securing the government's supply chain, which will look beyond the risks posed by China, according to government and industry officials at a meeting hosted by MITRE Corp. today.
Robert Metzger, a leading lawyer on federal and defense acquisition rules, says President Trump's recent order on securing the communications and information technology supply chain will do more harm than good because of “unintended” consequences in addressing a “conjectural” threat.