Three agencies fall short in assessing IT supply chain risks

Gregory Wilshusen, GSA\'s director of information security issue, discussed a recent report about IT supply chain risks with The Federal Drive with Tom Temin an...

A recent Government Accountability Office report on IT supply change management revealed that three agencies had failed to take sufficient actions in reviewing supply chain risks for their internal department systems — the departments of Homeland Security, Energy and Justice.

“We compared what the federal guidelines that NIST (National Institute of Standards and Technology) had developed for agencies to identify and respond to these risks,” said Gregory Wilshusen, GSA’s director of information security issues.

Potential risks to agency IT equipment could include counterfeit parts, harmful or malicious software and the disruption in the production or distribution of critical products.

Wilshusen told The Federal Drive with Tom Temin and Emily Kopp that the report was not all bad news. The Department of Defense had made much greater progress in its review, implementation and methods for countering IT supply chain risks.

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

    Getty Images/ArtemisDianaCloud Financial Management - FinOps - Conceptual Illustration

    OPM tries a shift-left approach to anticipating the costs of new tech projects

    Read more