Security News > 2023 > May > Preparing for federal supply chain security standardization

In 2021, the Biden Administration published the Executive Order on Improving the Nation's Cybersecurity, setting off an agency-wide security initiative with the ultimate objective of standardizing security requirements across the Department of Defense and the Federal Civilian Executive Branch supply chain.

These revisions point to a wider adoption of the NIST SP 800-171 and 800-53 controls, meaning that organizations contracting across the FCEB supply chain should start reviewing their current security posture in preparation.

To appropriately budget for the inevitable audits, organizations across the FCEB supply chain should build out plans to uplevel their security posture over the next two to four years.

Identifying CUI is the core of all agency supply chain cybersecurity initiatives, yet it remains one of CMMC's most hotly contested issues.

Assuming that the FCEB supply chain requirements parallel the CMMC requirements, organizations want to minimize the number of systems that interact with CUI. As they prepare for the inevitable cybersecurity compliance requirements, they should be looking for technologies that give them control over data when sharing it internally and externally.

As a business objective, any organization that wants to maintain a lucrative contract will need to secure CUI. Organizations within the FCEB supply chain need to assume that they will face the same challenges as their peers within the DIB. The federal government has clearly indicated that it intends to improve its own security by focusing on its supply chain issues, so waiting until a written mandate appears simply means that companies have less time over which they can spread out costs.

News URL

https://www.helpnetsecurity.com/2023/05/17/federal-supply-chain-security-standardization/