FCC advisory council approves report providing guidance on securing software supply chain

An FCC advisory council tackling security issues has approved a report evaluating recent software supply chain attacks and making recommendations on considerations for the communications sector.

Working group five of the Communications Security, Reliability, and Interoperability Council VIII looked at the SolarWinds hack, Log4j vulnerability and Kaseya ransomware attack in its investigation and met with federal agencies and other stakeholders to inform the report’s findings. The report is one of two publications approved by CSRIC at its Wednesday meeting....