Posted by Robert Vamosi on August 22, 2016
U.S. National Counterintelligence and Security Center (NSCS) will soon supply specific critical U.S. telecommunications, energy and financial organizations with classified supply chain threat reports.
Last Thursday, the NSCS released a video highlighting the need for greater security around the supply chain.
The video points out that during the Cold War, one could protect secrets by locking them in a safe. Today, with digital assets, secrets are vulnerable to a wide variety of attackers, not just nation-states, but competitors.
Among the tips shared, the NSCS recommends integrating the acquisition office with other departments, most notable information assurance and security.
“Know your suppliers,” the video said. “Due diligence is imperative so make sure your acquisition team is asking the right questions before procuring a particular product or service from an outside company questions like who are their strategic partners and subcontractors are they associated with organizations that are competitive or adversarial with the United States.”
Get the latest Software Integrity news, thought leadership, and more.