Federal agencies have lately made it a top priority to ensure supply chain security, and they’re seeking to improve risk management for their programs. Shiffman said it is a positive sign the federal chief information security officer has laid out several top goals around supply chain cybersecurity.
These goals are achievable now that big data and machine learning exist, he said.
“I think the initiative is fantastic,” Shiffman continued. “The technology cuts both ways. Our adversaries can also take advantage of technology to exploit new vulnerabilities. In a sense, shame on us if we don’t move forward and do this. That’s the way I see it, we have to do this, and I applaud the move and the statement.”
Zanni noted it’s important for the industry as a whole there be some means to ensure trusted organizations are in the data loop.
The departments of Defense and Homeland Security “have good systems today and it should expand to federal. But any time you are giving a trust rating to an entity, the broader it is, the more you should be careful because we know perception is reality,” Zanni said.