Homeland Security

DHS developing supply chain security initiative

open lock (ESB Professional/Shutterstock.com) 

The Department of Homeland Security launched an internal supply chain cybersecurity initiative to determine where government agencies and private companies are lacking, the agency's top cyber official Jeanette Manfra announced at a Brookings Institution tech event in Washington, D.C., Feb. 14.

The move comes in the wake of the agency's management of a governmentwide ban on Kaspersky Lab software because of the company's alleged ties to Russian intelligence.

"We can't just all throw up our hands and say, 'It's too complicated, I'll never know where the code is coming from.' At some point we will know; we can figure it out -- collectively," Manfra, who is the assistant secretary for cybersecurity, said during a panel discussion commemorating the fourth anniversary of the National Institute for Standards and Technology cybersecurity framework and the future of cybersecurity.

Working on supply chain issues isn't new for DHS, but the new initiative, launched via an internal memo earlier this year, is "a focused effort with dedicated staff," Manfra said.

"We need to have improved ability for DHS, [General Services Administration], the intel community to be in a position to help inform procurement decisions by the federal government and other agencies throughout the civilian government," Manfra told reporters following the event. "We're working on building those mechanisms and DHS' role in pulling that altogether, and also working with industry experts to refine what are the supply chain risks that we should be concerned about."

Manfra also mentioned NIST as a partner during the panel discussion.

DHS' supply chain effort doesn't have a "done" date, as Manfra put it, but is more of a "potentially enduring function" that serves as a "concerted effort to take all of the potential gaps that may be in the federal system or industry and figure out what is the role of DHS."

A DHS official told FCW via email the initiative will provide actionable information about supply chain risks and mitigations to users, buyers, manufacturers and sellers of tech products. It will also identify risks to federal networks and other national or global stakeholders.

"As we develop this capability, we are collaborating with our public and private sector partners to ensure the initiative meets the supply chain risk management needs of our diverse stakeholder groups," the official said.

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at lwilliams@fcw.com, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.