DHS supply chain task force tees up plans

BY By julia.m Royalty-free stock vector ID: 779956477 

A Department of Homeland Security official said a task force focused on securing the technology supply chain from cybersecurity threats is aiming to deliver a series of recommendations this summer to help guide reforms to federal and industry acquisition practices

In a March 16 interview with Government Matters, Bob Kolasky, Director of the National Risk Management Center and co-chair of the supply chain task force, said there are currently five working groups dedicated to laying the ground work for five priorities that will tee up larger initiatives down the line.

Those priorities include creating a general inventory of supply chain activities taking place across the federal government, improving bi-directional threat information sharing between the government and private sector, developing criteria for evaluating when threats should lead to different risk-based decision frameworks, making recommendations on qualified bidder and manufacturer lists and how to set up procurement rules around original equipment manufacturers and authorized resellers.

The task force, chaired by DHS and populated with representatives from industry, the contracting community other executive branch agencies and subject matter experts, met for the first time last week.

Kolasky said a key metric to judge the group's success is "did this fundamentally change the nature of how risks are being managed in the supply chain?"

"I want to come back years from now and say these recommendations made a difference in supply chain risk management," Kolasky said. "Do [they] make sense? Are they accepted in the policy process where they're linked to policies? Are businesses starting to do things? is it going to lead to building a more robust information repository?"

The task force will also need to figure out how best to work alongside another cross-agency body, the Federal Acquisition Security Council, that will also focus on supply chain security. The council was established through legislation passed by Congress late last year and is charged with a similar, overlapping mission, helping to steer development of National Institute of Standards and Technology guidance, crafting information sharing protocols and diving into federal procurement law.

On Mar. 18, DHS released a budget request for fiscal year 2020 that included $68 million and 169 employees for the National Risk Management Center, which houses the task force. The budget would realign $18.4 million and 35 employees from the Cybersecurity and Infrastructure Security Agency to the center to support a range of activities, including work on the supply chain.

About the Author

Derek B. Johnson is a former senior staff writer at FCW.


  • People
    Federal 100 logo

    Announcing the 2021 Federal 100 Award winners

    Meet the women and men being honored for their exceptional contributions to federal IT.

  • Comment
    Diverse Workforce (Image: Shutterstock)

    Who cares if you wear a hoodie or a suit? It’s the mission that matters most

    Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.

Stay Connected