Report: DoD Supply Chain Risk Mgmt Policy ‘Not Fully Implemented’ for SBIRS

The Defense Department Inspector General recently reported that the U.S. Air Force Space Command did not fully implement the DoD’s supply chain risk management policy for the Space Based Infrared System.

The DoD IG said in an August 14 audit report that the AFSPC had failed to carry out requisite “controls and oversight” activities for the SBIRS supply chain, exposing the “critical hardware, software and firmware” components of the country’s detection system for missile launches and nuclear detonations to possible sabotage by adversarial infiltrators.

The agency watchdog subsequently recommended that the chief of the AFSPC take a number of corrective actions including identifying all critical SBIRS components and the companies that supply them; making sure that the supplier threat assessments that will be conducted by the pertinent investigative body are made more accurate; and determining the risk levels of components that were not purchased from trusted suppliers.

The Space Command vice commander spoke on behalf of the AFSPC chief and concurred with the inspector general’s recommendations.

Check Also

NSA

NSA Warns of Cyber Vulnerability in Email Transfer Software

The National Security Agency has identified a vulnerability that Russian cyber actors take advantage of to attack mail transfer networks. Sandworm Team, a Russian military group, has exploited the CVE-2019-10149 vulnerability found in the Exim software that Linux and Unix systems use as a mail transfer agent, NSA said Thursday.

Leave a Reply

Your email address will not be published. Required fields are marked *