The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force approved the creation of a new working group to develop attestation frameworks around various aspects of supply chain risk management best practices.
Citing the vital need for a secure U.S. industrial base, U.S. Senators Mike Crapo (R-Idaho) and Mark Warner (D-Virginia) have introduced bipartisan legislation to guard against attempts by China and others to undermine U.S. national security by exploiting and penetrating U.S. supply chains.
Last month’s ASUS APT attack doesn’t come as a surprise to any security-conscious industry watcher; it highlights a long-standing flaw in many software supply chains today. Attackers have been spoofing websites, stealing credentials and gaining unauthorized access for years. Injecting malicious code into legitimate tools that are designed to protect represents the next evolution in putting companies and their customers at risk.
The Defense Industrial Base Sector Coordinating Council (DIB SCC) announced the chartering of the Supply Chain Cybersecurity Industry Task Force to identify, prioritize, oversee and drive adoption of implementable solutions to protect controlled unclassified information throughout the supply chain.
The FDA has launched a new pilot project to inform the development of a new electronic, interoperable track-and-trace system, anticipated for 2023, as part of the Drug Supply Chain Security Act (DSCSA).
A bipartisan bill has been introduced that would create an Office of Critical Technologies & Security in the White House, which would be charged with "coordinating across agencies and developing a long-term, whole-of-government strategy to protect against IP theft and risks to critical supply chains."
This month, Security magazine highlights the importance of establishing the right metrics for your security program. Also, we highlight Eric Clay, Director of Public Safety for CoxHealth, and discuss how to build a successful K-9 Program and rethink "red flags" to prevent insider threat attacks. Industry leaders discuss this year's Presidential Election security and 2020 predictions for the security industry.