Supply chain cyber security

Supply Chain Cyber Security refers to efforts to enhance cyber security within the supply chain. It is a subset of Supply Chain Security and is focused on the management of cyber security requirements for information technology systems, software and networks, which are driven by threats such as cyber-terrorism, malware, data theft and the Advanced Persistent Threat (APT). Typical supply chain cyber security activities for minimizing risks include buying only from trusted vendors, disconnecting critical machines from outside networks, and educating users on the threats and protective measures they can take.

The acting deputy undersecretary for the National Protection and Programs Directorate for the United States Department of Homeland Security, Greg Schaffer, said at a hearing that he is aware that there are instances where malware has been found on imported electronic and computer devices sold within the United States. [1]

Examples of Supply Chain Cyber Security Threats

Related U.S. Government Efforts

  • Diplomacy: The strategy sets out to “promote an open, interoperable, secure and reliable information and communication infrastructure” by establishing norms of acceptable state behavior built through consensus among nations.
  • Development: Through this strategy the government seeks to “facilitate cybersecurity capacity-building aboard, bilaterally and through multilateral organizations.” The objective is to protect the global IT infrastructure and to build closer international partnerships to sustain open and secure networks.
  • Defense: The strategy calls out that the government “will ensure that the risks associated with attacking or exploiting our networks vastly outweigh the potential benefits” and calls for all nations to investigate, apprehend and prosecute criminals and non-state actors who intrude and disrupt network systems.

Related Government Efforts Around the World

Other References

See also

References

  1. "Homeland Security: Devices, Components Coming In With Malware". Informationweek. 2011-07-11. Retrieved 2011-09-16.
This article is issued from Wikipedia - version of the 7/8/2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.