Yesterday I had the pleasure of attending “Supply Chain Security - Do you know who your insiders are?” by Bob Hutchinson, Senior Manager, Sandia National Laboratories’ Information Security Sciences Group.
The key aspect of his presentation that I took away was the National Labs’ ability to control and prevent compromise of the Nuclear Weapons supply chain, and that the lessons learned from almost 7 decades of experience could be applied to the supply chain risk of Information Technology. We’ve solved most problems before; it simply takes effort to find where.
This analogy led me to investigate a bit more and I discovered Bob’s statement to the United States House of Representatives Committee on Energy and Commerce, Subcommittee on Communications and Technology. His 4 key points are:
- While strategic data theft of intellectual property and national secrets has become a focus recently, do not lose sight of the malicious data modification threat.
- Examine and be aware of the Information Technology aspects of your supply chain, from the software applications and patches to the sub-components of each piece of hardware (and its obvious supporting software: firmware).
- While developing the manner and mechanism for Cyber information sharing between Government and Industry there must be a strategy associated with it. This strategy could then be used to assist in an adversary “self-identifying.”
- Identifying the Nation’s noted “profound shortage of qualified cyber security experts.” He adds that, having been tasked by DoE, Sandia has built “a program that’s more like a medical residency than a trade certification” and that this model is much more appropriate to creating the requisite cyber security experts for the nation.