Article
Digital Supply Chain

Automation the key to Biden software supply chain demands

By Sean Ashcroft
September 17, 2022
undefined mins
Cyber agency Axonius says automation 'crucial' if agencies are to meet Whitehouse demands to tighten the security of the software supply chain

US cybersecurity agencies will struggle to meet Whitehouse demands to improve the security and integrity of the software supply chain, a leading cybersecurity agency has warned.

On Thursday, the White House shared a memo requiring agencies to comply with guidance from the Office of Management and Budget (OMB) 

The new guidance requires agencies to follow secure development practices from the National Institute of Standards and Technology (NIST), a physical sciences laboratory and non-regulatory agency of the US Department of Commerce.

The memo, signed by OMB Director Shalanda Young, is headlined ‘Enhancing the Security of the Software Supply Chain through Secure Software Development Practices’.

Tom Kennedy is VP of Axonius Federal Systems, which helps federal government agencies safeguard mission objectives by strengthening IT asset identification and management.

Automation needed if OMB demands are to be met

Kennedy says that without digital automation, many will struggle to meet the OMB’s demands.

He said: "Having a comprehensive and accurate inventory of all assets, from software to devices to users, is foundational to the success of any cybersecurity program. But it's not easy to create or maintain. In fact, it takes roughly 86 person hours, on average, to generate an asset inventory, and it usually requires a combination of eight to 10 tools to complete. 

“With federal IT and security teams already strapped for time and resources, the manual processes often used for this type of task won't suffice. Information is often siloed across numerous tools, and most of the time, CMDB information is out-of-date and unreliable.” 

He added: “For agencies to meet the inventory deadline given by the White House, they have to shift toward a more programmatic process that automates data collection and correlation. 

“It must remove the taxing resource commitment and be continuously run for real-time results. Otherwise, inventories will remain static and disadvantageous to protecting our nation." 

CybersecurityTechnologySupplyChain
Share
Share

Featured Articles

Smart manufacturing helping auto OEMs handle supply woes

Deloitte Strategy and Operations Principal Laurent Becher on how smart manufacturing is helping automotive industry OEMs mitigate supply chain problems

Supply chain chaos is outrunning resilience, says BCG

Boston Consulting Group reveals that although firms expect supply chain to go spectacularly wrong, few have an understanding of how to be more resilient

Flex among 330 firms given A-list CDP sustainability status

CDP 2022 report – Scoping out: Tracking Nature Across the Supply Chain - based on data from 18,700 firms who disclosed climate, water & forests impacts

What is ... logistics?

Logistics

McKinsey & Exiger on supply chain tech revolution

Digital Supply Chain

Quantum computing 'can ease global supply chain challenges'

Digital Supply Chain