ABSTRACT

Cyber Supply Chain Risk Management: An Introduction [June 29, 2018]   [open pdf - 302KB]

"A supply chain consists of the system of organizations, people, activities, information, and resources that provide products or services to consumers. Like other types of goods, a global supply chain exists for the development, manufacture, and distribution of information technology (IT) products (i.e., hardware and software). Recent media have highlighted the risks posed to IT from the supply chain. In 2017, the U.S. Department of Homeland Security (DHS) ordered federal agencies to remove Kaspersky security products from their networks because of risk they posed. Legislation was subsequently enacted codifying that order. In addition, stories of persistent administrative passwords on devices or otherwise vulnerable products allowing unauthorized access to sensitive networks became more frequent."

Report Number:
CRS In Focus, IF10920
Author:
Publisher:
Date:
2018-06-29
Copyright:
Public Domain
Retrieved From:
Via E-mail
Format:
pdf
Media Type:
application/pdf
URL:
Help with citations