GAO calls out US government agencies: Get your supply chain security act together

In December 2020, the US Government Accounting Office (GAO) made 145 recommendations to 23 federal agencies relating to supply chain risks. In May 2021, the GAO’s director of information technology and cybersecurity, Vijay A. D’Souza, testified before Congress on supply chain risks. His testimony was not pretty and highlighted that “none of the 23 reviewed agencies had fully adopted identified practices to reduce supply chain risks.”[ Learn the 7 keys to better risk assessment. | Get the latest from CSO by signing up for our newsletters. ]In a nutshell, GAO had identified the existence of the threat to supply chains early on, issued recommendations, and when they came back to check on progress, they found holes in the risk mitigation, many of which had previously been identified. December 2020 was also the month when the SolarWinds compromise was publicly revealed.To read this article in full, please click hereCSO OnlineRead More