The Contracting Education Academy


September 3, 2019 By cs

How to manage risk along the federal government supply chain

Even the most sophisticated federal agencies have found it difficult to effectively measure and evaluate the cyber risk of their contractor base.

The U.S. federal government relies on an ever-expanding supply chain of tens of thousands of contractors and subcontractors to provide critical services, hold and maintain sensitive data, and perform key functions. While this supply chain is essential to agencies’ fundamental operations, it also increases the number of access points nefarious actors have to their systems and data and, consequently, puts agencies and sensitive data at greater risk.

Even the most sophisticated federal agencies have found it difficult to effectively measure and evaluate the cyber risk of their contractor base. For example, the Navy recently released a report that highlighted growing concerns around supply chain cybersecurity, noting that the federal supply chain has been “compromised in ways and to an extent yet to be fully understood.” In a July 2019 report on the security of its contractors, the Defense Department Inspector General was blunt: The department “does not know the amount of DoD information managed by contractors and cannot determine whether contractors are protecting unclassified DoD information from unauthorized disclosure.”

In fact, data suggests that contractors are not meeting agency expectations for security. Recent BitSight research found that the average security performance rating across all federal agencies was at least 15 points higher than the mean security performance rating of any contractor sector. In other words, there is a significant security performance gap between federal agencies and their supply chain partners.

The time has come for agencies to prioritize this critical risk in their cybersecurity programs. There are steps agencies can take to more effectively measure, monitor and manage this challenge.

Keep reading this article at: https://www.nextgov.com/ideas/2019/08/how-manage-risk-along-federal-government-supply-chain/159401/

