GovLoop Guide: Meeting the Requirements
of the Supply Chain Imperative
Created in partnership with GovLoop and supported by Expanse, Forescout, IronNet, Qmulos and RSA
GovLoop Supply Chain Risk Management Guide cover

IT modernization ranks as a top priority for the federal government, but it also further complicates a concern that agencies have faced every day for decades: managing the risks to their cyber supply chains. IT modernization adds more third-party providers to the mix, creating increasingly complex supply chains for agencies to monitor. The subsequent balancing act can leave agencies struggling to avoid security threats and modernize their IT at the same time.

IT supply chains are the systems that move IT products or services from suppliers to customers. Managing IT supply chain risks becomes increasingly important when you consider the cost of cybersecurity failures. Because IT supply chains contain activities, information, organizations, people, and resources, they’re bursting with possible security vulnerabilities. In terms of federal IT supply chains, security missteps can damage the economy, national security and even public health.

IT supply chains are the systems that move IT products or services from suppliers to customers. Managing IT supply chain risks becomes increasingly important when you consider the cost of cybersecurity failures. Because IT supply chains contain activities, information, organizations, people, and resources, they’re bursting with possible security vulnerabilities. In terms of federal IT supply chains, security missteps can damage the economy, national security and even public health.

In May 2019, President Trump issued an executive order underscoring the danger the federal information and communications technology (ICT) and services supply chains present to the U.S. Trump’s order prohibited agencies from using technology and services from any party related to America’s foreign adversaries. Four months later, the Cybersecurity and Infrastructure Security Agency (CISA) published a report identifying nearly 200 security threats to these supply chains. CISA’s list included hazards such as counterfeit components, poor product designs and malicious hardware and software. If exploited, these types of vulnerabilities could disrupt public services, cause unexpected costs for agencies and erode citizens’ trust in their government.

Download the guide to read more about strengthening and mitigating risks to IT supply chains. You'll learn:

  • How risk management for federal information and communications technology and services supply chains is evolving.
  • How agencies can manage their supply chain ecosystems so they don't sacrifice security for modernization.
  • Why agencies need full visibility into their supply chains for tomorrow's technologies.

Plus, hear from supply chain leaders at the Department of Homeland Security (DHS) and General Services Administration (GSA) as well as Carahsoft's technology experts.

By supplying my contact information, I authorize Carahsoft and its vendors and partner community to contact me with personalized communications about their products and services. Please review our Privacy Policy for more details or to opt-out at any time.