A recent Government Accountability Office report on IT supply change management revealed that three agencies had failed to take sufficient actions in reviewing supply chain risks for their internal department systems — the departments of Homeland Security, Energy and Justice.
“We compared what the federal guidelines that NIST (National Institute of Standards and Technology) had developed for agencies to identify and respond to these risks,” said Gregory Wilshusen, GSA’s director of information security issues.
Potential risks to agency IT equipment could include counterfeit parts, harmful or malicious software and the disruption in the production or distribution of critical products.
Wilshusen told The Federal Drive with Tom Temin and Emily Kopp that the report was not all bad news. The Department of Defense had made much greater progress in its review, implementation and methods for countering IT supply chain risks.
This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.
Tom Temin is the host of The Federal Drive, which airs from 6-9 a.m. on 1500 AM in the Washington, DC region and online everywhere. Tom has 30 years experience in journalism, mostly in technology markets. Before coming to Federal News Radio, he was a long-serving editor-in-chief of Government Computer News and Washington Technology magazines.