Supply Chain Integrity Month

April is National Supply Chain Integrity Month. In partnership with the Office of the Director of National Intelligence (ODNI), the Department of Defense, and other government and industry partners, CISA is promoting a call to action for a unified effort by organizations across the country to strengthen global supply chains.

Pipeline Cybersecurity Library

Securing the Nation’s pipeline ecosystem from cybersecurity threats depends on a unified effort. CISA’s National Risk Management Center (NRMC) has compiled this library to provide pipeline facilities, companies, and stakeholders with a set of free, voluntary resources to strengthen their cybersecurity posture.

While these resources are available to stakeholders in every critical infrastructure sector, this library is especially useful for:

Systemic Cyber Risk Reduction

Working with government and industry partners, CISA’s National Risk Management Center is adding analytic rigor to the ability for organizations to quantify cyber risk impact for cybersecurity measures they have in place in order to develop actionable metrics, and use this information to reduce shared risk to the Nation’s security and economic security.

COVID-19 Vaccine Rollout

CISA is working with the Department of Health and Human Services, Department of Defense, and other government partners to support the delivery of COVID-19 vaccinations throughout the U.S., including support to Operation Warp Speed. As part of the unified federal effort, CISA brings expertise in risk analysis and mitigation approaches, cyber and physical security, supply chain security, and critical infrastructure partnerships.

ICT SCRM Task Force Year Two Report

This report provides an update on the ICT Supply Chain Risk Management (SCRM) Task Force’s progress in Year Two to advance meaningful partnerships and analysis around supply chain security and resilience. The report summarizes the work of the Task Force’s five working groups to address challenges to information sharing, threat analysis, qualified bidder and qualified manufacturer lists, vendor assurance, and impacts of the COVID-19 pandemic on ICT supply chains.

Return to ICT Supply Chain Risk Management.

ICT SCRM Task Force Events

CISA's virtual event, Partnership in Action: Driving Supply Chain Security, will take place on December 17 from 2-4 pm ET. This event is a unique opportunity for the cybersecurity, critical infrastructure, and information security communities to learn about the Task Force’s progress, findings, and accomplishments in Year Two to further assess and manage risks associated with the global ICT supply chain.

5G Edge Vs Core

The Edge vs. Core - An Increasingly Less Pronounced Distinction in 5G Networks informs stakeholders about how edge computing increases the risks of untrusted components into 5G networks by moving core functions away from traditional network boundaries. The product is intended to provide an overview of edge computing and represents CISA’s analysis of the risks associated with installation of untrusted components into 5G infrastructures.