Software Supply Chain

The more daily life becomes software-dependent, the more urgent the need for organizations deploying software – including federal agencies – to ensure security in the software supply chain.

The State Department released a first-of-its-kind memo tackling how new software supply chain risk management processes will change the federal contracting and awards space. Michael Derrios, deputy assistant secretary and senior procurement executive at the State Department Bureau of Administration, said State chose to move forward ahead of the expected rules because it’s at the forefront of targeting.

Software supply chain management has been a hot topic across agencies as many are starting to focus on software bills of materials (SBOMs).

Carol Woody, principal researcher for the Software Engineering Institute at Carnegie Mellon University, said focusing exclusively on SBOMs can run the risk of missing the other half of the problem: How is the software purchaser going to use it, and what risks are inherent in that use?