Bob Kolasky Offers Update on DHS Supply Chain Risk Assessment

Jeff Brody
Bob Kolasky

Bob Kolasky, an official at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, said the supply chain security assessment of DHS is slated for a White House review and approval this week, FCW reported Thursday

Kolasky, head of CISA’s National Risk Management Center, said during a public briefing Thursday that the assessment creates a new taxonomy of information and communications technology supply chain risks and classifies the supply chain into five elements and 100 sub-elements. 

"I think it will help through the regulatory process the rulemaking process…to give focus in areas where we think there's likely to be higher risk,” he told the Information Security and Privacy Advisory Board.

Kolasky said the assessment, which was mandated by an executive order signed in May, is one of the three goals the ICT supply chain task force aims to implement this year. The other two goals are creating an inventory of supply chain processes and activities across the federal ICT sector and establishing working groups to identify supply chain-related problems.

Check Also

NSA

NSA Warns of Cyber Vulnerability in Email Transfer Software

The National Security Agency has identified a vulnerability that Russian cyber actors take advantage of to attack mail transfer networks. Sandworm Team, a Russian military group, has exploited the CVE-2019-10149 vulnerability found in the Exim software that Linux and Unix systems use as a mail transfer agent, NSA said Thursday.