Hot Topics in Cybersecurity Day 2: Maintaining Supply Chain Security
After seeing first-hand the massive effects of supply chain disruption during the pandemic, and the impact of software providers accidentally using infected open-source software, state and local governments are aware of the risks of supply chain disruptions due to a cyber attack.
Agencies have to broaden their thinking about where risks may be encountered. For instance, cybersecurity experts see the Salt Typhoon incursion into several U.S. telecommunications companies’ networks as a supply chain attack, where the companies’ customers – especially all levels of government – actually are the intended victims.
The Executive Order issued in May 2021, setting forth requirements to improve national cybersecurity, included the requirement that any organization providing software to the federal government must also include a Software Bill of Materials (SBOM), but there is no nationwide policy that all state and local agencies require SBOMs from their software vendors.
Learning Objectives:
- Identify what policies, if any, your agency has in place to protect its supply chain
- Outline the most likely sources of corrupted software, such as freeware and open source code, currently used by your agency
- Review steps you can take to evaluate your vendors’ risk of being compromised
Speaker Details

Ryan Lewis
Deputy CISO,
Security Operations and Technology,
Illinois Department of Innovation and Technology

Bill Pratt
Contributing Editor,
FedInsider
Event Topic
Cybersecurity, Open Source/OSINT, Technology
Relevant Audiences
All State and Local Government, All Federal Government, National Guard, Air Force, Coast Guard, Navy, City Government, County Government, Municipalities, State Government, Central Intelligence Agency, Department of Agriculture, Department of Commerce, Department of Defense, Department of Energy, Department of Health and Human Services, Department of Homeland Security, Department of Housing and Urban Development, Department of Interior, Department of Justice, Department of Labor, Department of State, Department of Transportation, Department of the Treasury, Environmental Protection Agency, Equal Employment Opportunity Commission, Federal Aviation Administration, Federal Communications Commission, Food and Drug Administration, Federal Emergency Management Agency, General Services Administration, Government Accountability Office, National Aeronautics and Space Administration, National Institute of Health, National Security Agency, U.S. Agency of International Development, U.S. Census Bureau, U.S. Office of Personnel Management, U.S. Postal Service, Veterans Affairs
Other Agency
Office of the President (includes OMB), Other Federal Agencies, Judicial Branch Agencies, Foreign Governments/Agencies