PUBLICATION

Paper and FAQs on Executive Order 13873 Response: Methodology for Assessing the Most Critical ICT and Services and FAQs Document

Revision Date

December 17, 2020

Related topics:

Critical Infrastructure Security and Resilience, Risk Management, Information and Communications Technology Supply Chain Security

In response to Executive Order 13873, CISA's and the ICT Supply Chain Risk Management Task Force worked with government and industry partners to develop two resources that describe a standardized taxonomy of information and communications technology (ICT) elements; perform criticality assessments on the ICT elements with appropriate stakeholder input; and assess the national security risks stemming from vulnerabilities in ICT hardware, software, and services, including components enabling 5G communication.

Please note that these resources are provided "as is" informational purposes only. This methodology can be used as an input to a risk assessment, but by itself is not sufficient for a comprehensive review of risk.

Paper and FAQs on Executive Order 13873 Response: Methodology for Assessing the Most Critical ICT and Services and FAQs Document

Resource Materials

Tags

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Cybersecurity Advisory Committee (CSAC) Subcommittee Fact Sheet

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity

Paper and FAQs on Executive Order 13873 Response: Methodology for Assessing the Most Critical ICT and Services and FAQs Document

Resource Materials

Tags

Related Resources

Cybersecurity Advisory Committee (CSAC) Reports and Recommendations

Cybersecurity Advisory Committee (CSAC) Subcommittee Fact Sheet

Secure by Design Alert: Eliminating Directory Traversal Vulnerabilities in Software

Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity