Supply Chain Risk Management Capabilities Center
What does secure collaboration really look like in action?
There’s always tension between using the newest technology and ensuring it’s secure. In our latest e-book, we explore how federal leaders are navigating this challenge across branches and agencies.
CISA released two Industrial Control Systems (ICS) advisories on August 5, 2025. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.
Are you ready to accelerate zero trust at your agency?
“You have to be able to scale across hundreds of teams, thousands of workloads,” says AWS Principal Technologist Sean Phuphanich, when discussing how to make a zero trust architecture the foundation for modernization. “That’s really where a lot of the stumbling blocks come into play because then you’re dealing with a lot of different teams, different environments, different tools.”
The rapid advancement of technology and increasing data utilisation have underscored the need for new models to manage and secure big data effectively. However, the constraints of isolated network environments and the limitations of existing security frameworks hinder the adoption of cutting-edge technologies such as AI and cloud computing, as well as the safe utilisation of data.
Zero trust is a security paradigm whose fundamental philosophy is that every access to a resource must be explicitly verified, without assuming trust based on origin or identity. In a federated environment composed of multiple domains, ensuring zero trust guarantees for accessing shared resources is a challenge, as information on requesters is generated by their originating domain, yet requires explicit verification from the domain owning the resource.
This publication provides guidance on how to use Zero Trust in privacy implementation. It highlights the core principles of privacy and how they can align with a Zero Trust architecture, touching on privacy impact assessments (PIAs) as well.
As the world increasingly digitizes, these recommendations become all the more critical. They aren’t just about protecting privacy. Zero Trust ensures that organizations identify, locate, process, and dispose of such data with the right level of security.
Supply chain resilience is essential for companies to survive in today’s competitive market, as they face environmental and unforeseeable challenges in their supply chain. This paper aims to model and manage the factors and activities that influence supply chain resilience and how they relate to each other. This will help us devise plans for enhancing the resilience of a supply chain.
While all federal agencies are striving to reach the same place, no two agencies are taking the same path to get there. Hear from cyber leaders at the Cybersecurity and Infrastructure Security Agency, the Interior Department, the Secret Service and Verizon:
On June 14, 2024, President Biden issued an Executive Order on White House Council on Supply Chain Resilience (the “Order”). The Order, with a goal of strengthening US supply chain resilience and building “resilient, diverse, and secure supply chains,” encourages “close cooperation” with allies and partners to “foster collective economic and national security, encourage innovation, and strengthen the capacity to respond to and recover from international disasters and emergencies.”
By the authority vested in me as President by the Constitution and the laws of the United States of America, it is hereby ordered as follows:
Section 1. Policy. As described in Executive Order 14017 of February 24, 2021 (America’s Supply Chains), it is the policy of my Administration to strengthen the enduring resilience of America’s supply chains. The United States needs resilient, diverse, and secure supply chains to ensure our economic prosperity, public health, and national security.