Supply Chain Integrity Month

In the US, the Department of Defense has designated April “Supply Chain Integrity Month”. Hopefully not just on April 1st….

https://www.us-cert.gov/ncas/current-activity/2019/04/01/Supply-Chain-Integrity-Month

Here’s their intro text:

Breaches in the supply chain provide an opportunity for malicious software or hardware to be installed on equipment. Lack of awareness or validation of the legitimacy of hardware and software presents a serious risk to users’ information and the overall integrity of a network environment.

Here’s my UPDATED version of their intro text:

Breaches in the supply chain provide an opportunity for malicious software, firmware, or hardware to be installed on equipment. Lack of awareness or validation of the legitimacy of hardware, firmware, and software presents a serious risk to users’ information and the overall integrity of a network environment.

After reading about half of the documents on their Supply Chain Threats site, I gave up looking for any references to firmware …they all refer to Hardware and Software. 😦

https://www.dni.gov/index.php/ncsc-what-we-do/ncsc-supply-chain-threats

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s