Tags supply chain security
Classified data key to new acquisition approach, Federal CISO says
The new regime contrasts from previous “Whac-A-Mole” approaches that were confined to the unclassified space, Grant Schneider said.
Fortinet settles charges of selling intentionally mislabeled Chinese-made tech to U.S. military
Fortinet acknowledged that an employee altered labels on products to make them appear compliant a law prohibiting federal agencies from acquiring products in specific countries.
ASUS issues patch, downplays scope of APT hack of its supply chain
ASUS's statement contrasted with the findings of researchers who called the hack seemingly “one of the biggest supply-chain incidents ever.”
D.C. Metro system beefs up supply-chain cybersecurity provisions for new railcars
U.S. senators have raised security concerns about a new Metro railcar project. The NIST cybersecurity framework will be part of the process now, the transit authority says.
Senators worry that new D.C. Metro railcars could carry cyber risk
The lawmakers exhorted the subway system's leadership to “take the necessary steps to mitigate growing cyber risks" to new railcars that could be produced by a Chinese company.
New code-validation project tries to spot the next industrial supply chain attack
A new DHS-funded project traces the provenance of software code.