The Homeland Security Department’s initiatives over the past year to address supply chain risks aren’t even close to hitting a crescendo. But the pace and volume of the drumbeat is distinctly mounting.
If the efforts to ban Kaspersky Lab, ZTE and Huawei products were just the prelude to the symphony, then the National Risk Management Center’s initial sprint topics, the business due diligence request for information and the latest effort to use the power of federal procurement are the opening sonata.
“There is a growing awareness and understanding to this issue. Our biggest challenge today is not having a national strategy around it while other countries do,” said Jennifer Bisceglie, president and CEO of Interos Solutions, which provides risk assessment services. “Until we have a national strategy, you will have pop up policies or programs or studies, like the one from MITRE. The time is beyond here to have a national strategy.”
The White House’s National Cyber Strategy gave a brief mention to supply chain risk management, saying the government should “improve awareness of supply chain threats and reduce duplicative supply chain activities within the United States government, including by creating a supply chain risk assessment shared service.” But it offered no specific details or initiatives.