The Task Force, chaired by CISA's National Risk Management Center and the Information Technology and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from public and private sector organizations charged with identifying challenges and devising realistic, actionable, and risk-based recommendations and solutions for managing risks to the global ICT supply chain.
Over the last two years, the Task Force's working groups have diligently and collaboratively produced valuable products, resources, and tools that help mitigate risks to the ICT supply chain.
This Handbook provides an overview of the most critical supply chain risk categories commonly faced by ICT SMBs and provides resources that can assist SMBs mitigate against these risks.
This Guide offers businesses the tools to develop an actionable supply chain risk management plan to mitigate the risk of disruption to their supply chain, enhance supply chain resilience, and satisfy requests from stakeholder procurement processes.
This product provides a baseline Framework for organizations to consider when building their own HBOM. The Framework includes a consistent naming methodology for attributes of components, a format for identifying and providing information about the different types of components, and guidance of what HBOM information is appropriate depending on the purpose for which the HBOM will be used.
The renewal of the Task Force will allow working groups to continue the development of valuable products such as the Software Assurance Buyers Guide and continue work related to the newly formed Artificial Intelligence working group.
The AI working group seeks to identify beneficial ways in which AI can be used to mitigate threats posed to ICT SCRM processes.
The Task Force will be hosting its first annual ICT SCRM Task Force Conference.
The charter renewal will also ensure that both government and industry members can continue to collaborate on other ongoing public-private engagement efforts around supply chain.
In the next two years, through January 2026, the Task Force will continue to explore means for building and strengthening partnerships with stakeholders who can help grow the applicability and utilization of Task Force products, tools, and resources to better manage risks facing the ICT supply chain.
With the interconnectedness between the sectors and the scale of supply chain risks faced by both government and industry, private-public coordination is essential to enhance ICT supply chain resilience.
This Cyber News was published on www.cisa.gov. Publication date: Tue, 06 Feb 2024 19:13:05 +0000