Automation the key to Biden software supply chain demands

Cyber agency Axonius says automation 'crucial' if agencies are to meet Whitehouse demands to tighten the security of the software supply chain

US cybersecurity agencies will struggle to meet Whitehouse demands to improve the security and integrity of the software supply chain, a leading cybersecurity agency has warned.

On Thursday, the White House shared a memo requiring agencies to comply with guidance from the Office of Management and Budget (OMB) 

The new guidance requires agencies to follow secure development practices from the National Institute of Standards and Technology (NIST), a physical sciences laboratory and non-regulatory agency of the US Department of Commerce.

The memo, signed by OMB Director Shalanda Young, is headlined ‘Enhancing the Security of the Software Supply Chain through Secure Software Development Practices’.

Tom Kennedy is VP of Axonius Federal Systems, which helps federal government agencies safeguard mission objectives by strengthening IT asset identification and management.

Automation needed if OMB demands are to be met

Kennedy says that without digital automation, many will struggle to meet the OMB’s demands.

He said: "Having a comprehensive and accurate inventory of all assets, from software to devices to users, is foundational to the success of any cybersecurity program. But it's not easy to create or maintain. In fact, it takes roughly 86 person hours, on average, to generate an asset inventory, and it usually requires a combination of eight to 10 tools to complete. 

“With federal IT and security teams already strapped for time and resources, the manual processes often used for this type of task won't suffice. Information is often siloed across numerous tools, and most of the time, CMDB information is out-of-date and unreliable.” 

He added: “For agencies to meet the inventory deadline given by the White House, they have to shift toward a more programmatic process that automates data collection and correlation. 

“It must remove the taxing resource commitment and be continuously run for real-time results. Otherwise, inventories will remain static and disadvantageous to protecting our nation." 

Share

Featured Articles

Sustainability measurements lacking, says EY survey

EY survey of supply chain leaders reveals need both for visibility on sustainability performance and a holistic business case to drive results

IBM CSCO & COO survey shows tech & sustainability key areas

IMB Institute for Business Value (IBV) study surveyed 1,500 CSCOs and COOs, and they are ramping-up investment in automation, AI and sustainability

Suppeco and Market Dojo partner on e-sourcing solution

Supplier relationships platform Suppeco & digitised procurement solution Market Dojo join forces to provide embedded on-demand e-sourcing service

Pitney Bowes Index shows China breaks 100bn parcels barrier

Logistics

CPG packaging supply problems sees Lidl buy paper mill

Supply Chain Risk Management

CPG & retail IT talent quest 'is driving tech investment'

Digital Supply Chain