Author: Wes Rogers, Cybersecurity and Infrastructure Security Agency, and Charlie Sasser, SAFECOM Member, National Association of State Technology Directors
This infographic identifies the risks associated with physical, cyber, utilities and services, and network resilience of telecommunications central office services as well as potential mitigations to improve telecommunication resiliency. It is meant to facilitate constructive and meaningful dialogue between service providers and their customers in critical infrastructure and Federal, State, Local, Tribal, and Territorial (FSLTT) governments on how to lower the risk to their facilities from physical and cyber threats.
Author: Josh Black, Cybersecurity and Infrastructure Security Agency (CISA), Joint SAFECOM-NCSWIC NG911 Working Group Federal Lead
New technologies in 911 centers are enabling the public to exchange multimedia (e.g., photos, videos, text messages) with 911 centers, which can improve situational awareness and inform emergency response efforts. However, this data can impact 911 operations, resources, and personnel.
CISA, in coordination with the National Security Agency, and the Office of the Director of National Intelligence, as part of the Enduring Security Framework (ESF)—a cross-sector, public-private working group—released a Potential Threat Vectors to 5G Infrastructure paper. This paper identifies and assesses risks and vulnerabilities introduced by 5G.
Bug Bytes, the second graphic novel in CISA’s Resilience Series, communicates the dangers and risks associated with threat actors using social media and other communication platforms to spread mis-, dis-, and malinformation (MDM) for the sole purpose of planting doubt in the minds of targeted audiences to steer their opinion.
This report, Mitigating ICT Supply Chain Risks with Qualified Bidder and Manufacturer Lists, provides organizations a list of criteria and factors that can be used to inform an organization's decision to build or rely on a qualified list for the acquisition of information and communications technology (ICT) products and services.
The Vendor SCRM Template provides a set of questions regarding an ICT supplier/provider’s implementation and application of industry standards and best practices that can help guide supply chain risk planning in a standardized way. The template provides organizations clarity for reporting and vetting processes when purchasing ICT hardware, software, and services.
April is National Supply Chain Integrity Month.
This report provides an update on the ICT Supply Chain Risk Management (SCRM) Task Force’s progress in Year Two to advance meaningful partnerships and analysis around supply chain security and resilience. The report summarizes the work of the Task Force’s five working groups to address challenges to information sharing, threat analysis, qualified bidder and qualified manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains.
Return to ICT Supply Chain Risk Management.