The Cybersecurity and Infrastructure Security Agency (CISA) met in Washington, D.C. last week to discuss how to help industry and government stakeholders manage risks to information and communications technology (ICT) supply chains.
At the meeting, CISA’s Information and Communications Technology (ICT) Supply Chain Risk Management Task Force approved a recommendation for a rule to prevent counterfeit ICT from being procured. The rule would incentivize ICT purchase from original equipment manufacturers and authorized resellers only.
The task force also discussed ways to provide input into the recently launched Federal Acquisition Security Council.
“Today’s meeting of the full Task Force was a timely opportunity for the ICT community across government and industry to come together to discuss progress being made at reducing risk to the Nation’s ICT supply chains, via enhanced information sharing, better understanding of risks and targeted efforts on the Federal and industry side to elevate the level of trust in critical supply chains” Bob Kolasky, director of CISA’s National Risk Management Center, said. “The National Risk Management Center is committed to this, and similar, public-private initiatives to address the most pressing risks facing the Nation’s infrastructure.”
The task force is made up of 40 prominent organizations in the IT and Communications Sectors and 20 representatives from federal agencies.
“The opportunity to collaborate with experts representing multiple government agencies and Industry segments is, itself, a significant Task Force accomplishment,” Robert Mayer, senior vice president of Cybersecurity at USTelecom and co-chair of the task force, said. “The quality work being produced by the working groups reflects a highly effective public-private partnership.”
The task force plans to release a public summary of its recommendations by the end of summer.
“The ICT Supply Chain Risk Management Task Force continues to prove both the necessity and value of public-private collaboration in tackling shared challenges to managing risks to global ICT supply chains,” John Miller, vice president of policy and senior counsel at the Information Technology Industry Council and co-chair of the task force, said. “The task force has emerged as a focal point for driving government-industry teamwork and as a mechanism for providing invaluable private sector expertise to DHS and other federal government stakeholders.”