Three agencies fall short in assessing IT supply chain risks

Gregory Wilshusen, GSA\'s director of information security issue, discussed a recent report about IT supply chain risks with The Federal Drive with Tom Temin and...

A recent Government Accountability Office report on IT supply change management revealed that three agencies had failed to take sufficient actions in reviewing supply chain risks for their internal department systems — the departments of Homeland Security, Energy and Justice.

“We compared what the federal guidelines that NIST (National Institute of Standards and Technology) had developed for agencies to identify and respond to these risks,” said Gregory Wilshusen, GSA’s director of information security issues.

Potential risks to agency IT equipment could include counterfeit parts, harmful or malicious software and the disruption in the production or distribution of critical products.

Wilshusen told The Federal Drive with Tom Temin and Emily Kopp that the report was not all bad news. The Department of Defense had made much greater progress in its review, implementation and methods for countering IT supply chain risks.

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

    U.S. Department of Transportation photoDepartment of Transportation

    Luckily the nation has this federal executive to worry about pipeline safety

    Read more

    This proposed SBA procurement rule fixes one they got wrong in the first place

    Read more