Organizations’ supply chains are growing increasingly interdependent and complex, resulting in an ever-increasing attack surface that must be defended. Current supply chain security frameworks offer effective guidance to help organizations protect their supply chains from attack. However, they are limited in their scope and impact and can be
Topic: Cyber Supply Chain
Daniel Carbonaro is an InfoSec Engineer who draws from nearly 10 years of experience from both the Department of Defense and large enterprise IT organizations. He currently holds various security certifications as well as a B.A. in Communications from Le Moyne College. Daniel recently completed the Graduate Certificate Program in Cybersecurity Engineering at
Most software depends on third-party components (libraries, executables, or source code), but there is very little visibility into this software supply chain. It is common for software to contain numerous third-party components that have not been sufficiently identified or recorded. Software vulnerabilities are both the byproduct of the human process of
In this video, we will examine Cybersecurity Supply Chain Risk Management (C-SCRM) and mitigation tactics that use cybersecurity risk design strategies to strengthen SCRM efforts for organizations directly involved in the delivery of products, services, and solutions to the Federal government and all other tiers of the global supply chain.
The Defense Department has been failing to take into account the potential security risks of buying commercial off-the-shelf (COTS) technology items such as laptops, security cameras, software and networking equipment, according to the office of the Pentagon Inspector General.
Google confirmed that cyberthieves had managed to pre-install malware into the Android framework backdoor. In short, the malware appeared to be blessed by Google at the deepest point within Android.
The federal government wants to hold defense contractors accountable for the cybersecurity of their supply chains but that's no easy feat, experts said Tuesday.
Hackers are shifting their tactics away from traditional phishing and ransomware attacks, and moving toward stealthier intrusions via websites and the software supply chain, according to a recent report.
The military supply chain is vast, multifaceted, and riddled with potential cyber vulnerabilities.
Historically, an organization developed a Cybersecurity program to achieve compliance. It has been our experience that organizations which achieve full compliance cannot continue to operate because of strict Compliance requirements and the lack of a functional Cybersecurity program. The lack of a functional Cybersecurity program enables methodologies found