A new Department of Homeland Security task force devoted to heading off supply chain cybersecurity threats against communications infrastructure will meet for the first time Thursday.
Why it matters: Supply chain attacks — hackers sabotaging the security of hardware or software to attack the system in which it's installed — have been at the top of mind for many in the government, with recent dust ups involving allegations against ZTE and Huawei as well as a widely disputed Bloomberg story.
Details: The Information and Communications Technology Supply Chain Risk Management Task Force will include several representatives from industry, trade and threat-sharing organizations and government agencies.
- While not officially announced yet, they will likely include providers and equipment makers for internet and telephone services, intelligence and law enforcement agencies and the Department of Commerce.
One company that's confirmed for the task force is Cisco.
- Edna Conway, Cisco’s chief supply chain security officer, said the issue is less about banning specific suppliers (or countries) and more about accounting for a supplier's individual risk.
- "I don’t handle geographies. I am agnostic about where a product is made," she said. "Understanding what a third party provider is providing and customizing security around it has been the most useful in the past."
