Homeland Security

DHS developing supply chain security initiative

open lock (ESB Professional/Shutterstock.com) 

The Department of Homeland Security launched an internal supply chain cybersecurity initiative to determine where government agencies and private companies are lacking, the agency's top cyber official Jeanette Manfra announced at a Brookings Institution tech event in Washington, D.C., Feb. 14.

The move comes in the wake of the agency's management of a governmentwide ban on Kaspersky Lab software because of the company's alleged ties to Russian intelligence.

"We can't just all throw up our hands and say, 'It's too complicated, I'll never know where the code is coming from.' At some point we will know; we can figure it out -- collectively," Manfra, who is the assistant secretary for cybersecurity, said during a panel discussion commemorating the fourth anniversary of the National Institute for Standards and Technology cybersecurity framework and the future of cybersecurity.

Working on supply chain issues isn't new for DHS, but the new initiative, launched via an internal memo earlier this year, is "a focused effort with dedicated staff," Manfra said.

"We need to have improved ability for DHS, [General Services Administration], the intel community to be in a position to help inform procurement decisions by the federal government and other agencies throughout the civilian government," Manfra told reporters following the event. "We're working on building those mechanisms and DHS' role in pulling that altogether, and also working with industry experts to refine what are the supply chain risks that we should be concerned about."

Manfra also mentioned NIST as a partner during the panel discussion.

DHS' supply chain effort doesn't have a "done" date, as Manfra put it, but is more of a "potentially enduring function" that serves as a "concerted effort to take all of the potential gaps that may be in the federal system or industry and figure out what is the role of DHS."

A DHS official told FCW via email the initiative will provide actionable information about supply chain risks and mitigations to users, buyers, manufacturers and sellers of tech products. It will also identify risks to federal networks and other national or global stakeholders.

"As we develop this capability, we are collaborating with our public and private sector partners to ensure the initiative meets the supply chain risk management needs of our diverse stakeholder groups," the official said.

About the Author

Lauren C. Williams is a staff writer at FCW covering defense and cybersecurity.

Prior to joining FCW, Williams was the tech reporter for ThinkProgress, where she covered everything from internet culture to national security issues. In past positions, Williams covered health care, politics and crime for various publications, including The Seattle Times.

Williams graduated with a master's in journalism from the University of Maryland, College Park and a bachelor's in dietetics from the University of Delaware. She can be contacted at lwilliams@fcw.com, or follow her on Twitter @lalaurenista.

Click here for previous articles by Wiliams.


  • Congress
    U.S. Capitol (Photo by M DOGAN / Shutterstock)

    Funding bill clears Congress, heads for president's desk

    The $1.3 trillion spending package passed the House of Representatives on March 22 and the Senate in the early hours of March 23. President Trump is expected to sign the bill, securing government funding for the remainder of fiscal year 2018.

  • 2018 Fed 100

    The 2018 Federal 100

    This year's Fed 100 winners show just how much committed and talented individuals can accomplish in federal IT. Read their profiles to learn more!

  • Census
    How tech can save money for 2020 census

    Trump campaign taps census question as a fund-raising tool

    A fundraising email for the Trump-Pence reelection campaign is trying to get supporters behind a controversial change to the census -- asking respondents whether or not they are U.S. citizens.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.