The Cybersecurity and Infrastructure Security Agency (CISA) is taking a multi-faceted approach to supply chain security, and chief among them is putting in place strong public-private partnerships to maintain supply chain resilience and maintaining high awareness about the sources of supply chain threats.
That was the word from Mara Winn, Associate Director of CISA’s National Risk Management Center (NRMC), who provided updates on the NRMC’s work at FCW’s NASA SEWP SCRM Hybrid Forum 2022 on May 24.
Having a common language on security then allows organizations to have an “apples-to-apples conversation with your vendors” that are especially useful because different groups have different tolerance for risk, she said.
Winn also emphasized the importance of agencies constantly looking for where threats are coming from, and understand the trustworthiness of their own supply chain. She highlighted that everyday risks to the supply chain are “more than just ships having trouble in ports.”
Source: NRMC: Vulnerability Awareness, Partnerships Essential to ICT Supply Chain Security – MeriTalk