Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Government needs more risk management across cyber supply chain, report says
Wednesday - 2/15/2012, 10:33am EST
Now a collaboration between academia and NIST has produced a plan for supply chain policy.
The University of Maryland has published a report, in collaboration with NIST, on how the government and industry are addressing the cyber supply chain challenge.
"We know that accelerating globalization and outsourcing of both software code and hardware production is presenting tremendous assurance challenges to the government and to the vendor community," said Sandor Boyson, co-director and research professor of supply chain management at the University of Maryland, in an interview with The Federal Drive with Tom Temin.
In their first phase of research, NIST and the university found that nearly half of 200 federal IT vendors surveyed did not have any kind of risk management mechanism in place. The results, Boyson said, were "quite disturbing."
In the past couple of years, industry has increased focus on risk management internally and in acquisition, but Boyson said more focus needs to be dedicated to "enterprise risk management across the supply chain."