Headlines in Cybersecurity: What States Should Know - Day 3 Securing the Supply Chain

The pace and impact of cyberattacks on government and critical infrastructure IT systems have accelerated over the past several years. Malware inserted into software platforms and widely distributed to customers; ransomware attacks taking down hospitals and local governments; hacks endangering water systems – all of these and many more show that our systems are under siege.

Join us for these five one-hour webinars spread over five days, as thought leaders from government at all levels and the contracting community focus each day on a specific aspect of the cyber threat environment and ways to more effectively respond and protect their most valuable assets – their data and IT systems.

Day 3: Securing the Supply Chain

In the end, any IT system is only as secure as its various components. Federal, state, and local agencies have learned that the hard way, as software platform and application providers have been hacked as a way to get into government systems.

The Executive Order on Improving the Nation's Cybersecurity issued by the White House in May dedicates Section 4 to the topic of enhancing the security of the software supply chain. It includes a directive that in future agencies will only acquire software that meets standards to be set by the National Institute of Standards and Technology, and that software products not meeting that standard will no longer be listed on GSA schedules. Since software companies are unlikely to want to support two versions of the same product – one certified, one not – this is likely to positively affect the security posture of state and local governments and the private sector, as well.

Join us as thought leaders from all levels of government and industry share their experiences with supply chain hacks and the measures they took to address their risks.