Acquisition

DHS supply chain task force tees up plans

BY By julia.m Royalty-free stock vector ID: 779956477 

A Department of Homeland Security official said a task force focused on securing the technology supply chain from cybersecurity threats is aiming to deliver a series of recommendations this summer to help guide reforms to federal and industry acquisition practices

In a March 16 interview with Government Matters, Bob Kolasky, Director of the National Risk Management Center and co-chair of the supply chain task force, said there are currently five working groups dedicated to laying the ground work for five priorities that will tee up larger initiatives down the line.

Those priorities include creating a general inventory of supply chain activities taking place across the federal government, improving bi-directional threat information sharing between the government and private sector, developing criteria for evaluating when threats should lead to different risk-based decision frameworks, making recommendations on qualified bidder and manufacturer lists and how to set up procurement rules around original equipment manufacturers and authorized resellers.

The task force, chaired by DHS and populated with representatives from industry, the contracting community other executive branch agencies and subject matter experts, met for the first time last week.

Kolasky said a key metric to judge the group's success is "did this fundamentally change the nature of how risks are being managed in the supply chain?"

"I want to come back years from now and say these recommendations made a difference in supply chain risk management," Kolasky said. "Do [they] make sense? Are they accepted in the policy process where they're linked to policies? Are businesses starting to do things? is it going to lead to building a more robust information repository?"

The task force will also need to figure out how best to work alongside another cross-agency body, the Federal Acquisition Security Council, that will also focus on supply chain security. The council was established through legislation passed by Congress late last year and is charged with a similar, overlapping mission, helping to steer development of National Institute of Standards and Technology guidance, crafting information sharing protocols and diving into federal procurement law.

On Mar. 18, DHS released a budget request for fiscal year 2020 that included $68 million and 169 employees for the National Risk Management Center, which houses the task force. The budget would realign $18.4 million and 35 employees from the Cybersecurity and Infrastructure Security Agency to the center to support a range of activities, including work on the supply chain.

About the Author

Derek B. Johnson is a senior staff writer at FCW, covering governmentwide IT policy, cybersecurity and a range of other federal technology issues.

Prior to joining FCW, Johnson was a freelance technology journalist. His work has appeared in The Washington Post, GoodCall News, Foreign Policy Journal, Washington Technology, Elevation DC, Connection Newspapers and The Maryland Gazette.

Johnson has a Bachelor's degree in journalism from Hofstra University and a Master's degree in public policy from George Mason University. He can be contacted at djohnson@fcw.com, or follow him on Twitter @derekdoestech.

Click here for previous articles by Johnson.


Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.