Supply Chain Risk Management Capabilities Center
The DHS and two of its agencies, CISA and FEMA, on Tuesday announced the launch of a new campaign whose goal is to help critical infrastructure organizations become more secure and resilient.
The new campaign, called Shields Ready, complements an existing campaign named Shields Up, which focuses on providing recommendations and other resources that can help critical infrastructure organizations reduce risk in response to specific threat intelligence.
Wednesday, November 15, 2023
Time: 11 AM – 12 PM (EDT)
Location type: Virtual/Online
Location: Virtual
The Cybersecurity and Infrastructure Security Agency’s (CISA) Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force presents its latest product, “Empowering SMBs: A Resource Guide for Developing a Resilient Supply Chain Risk Management Plan.”
The Defense Department will release its first defense industrial strategy by the end of the year to better utilize the defense industrial base, while helping to secure supply chains to ensure the DoD is well prepared for the future.
The strategy will focus on four key pillars, said Justin McFarlin, the deputy assistant secretary of Defense for industrial base development and international engagement: resilient supply chains, workforce readiness, flexible acquisition and economic deterrence.
McFarlin said that supply chain and workforce are issues also affecting industry, which is still experiencing the impact of the COVID-19 pandemic and retention challenges.
October 24, 2023
1:00 PM Webinar
1 hour
Machine learning and artificial intelligence continue to play an important role in the evolution of agency people management, processes and technology. But how is the technology evolving to meet tomorrow’s needs?
The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell, and batch scripts.
In a joint cybersecurity advisory, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) also share a YARA rule for detecting malware in the guise of a legitimate network monitoring tool.
A high-severity remote code execution (RCE) vulnerability in Apache NiFi, for which an exploitation tool already exists, can lead to unauthorized access and data breaches, cybersecurity firm Cyfirma warns.
When: Wednesday, October 4, 2023 · 10:00 a.m. Eastern Time (US & Canada) (GMT -4:00)
In this webinar, you will hear from experts on the role that satellite connectivity plays in keeping the supply chain connected from production to the transport of goods to their final destination.
Industrial control system (ICS) computers in the Western world have been increasingly attacked, but the percentages are still smaller compared to other parts of the globe, according to Kaspersky’s latest ICS threat landscape report.
In early August, the research team at ReversingLabs came across a malicious supply chain campaign that included 24 harmful Python packages called VMConnect. The team has associated the campaign with three very common open-source Python tools.
October 5, 2023, 1:30-2:30 PM ET
Zoom
Panelists will discuss the current or envisioned use of identity governance methods and tools within their organization and share lessons learned for the identity pillar on their journey towards zero trust.