CISA task force leader calls for increased global cooperation on supply chain risks

A public-private task force the Cybersecurity and Infrastructure Security Agency launched in 2018 to bolster supply chain resilience is now aiming to expand international collaboration while increasingly offering new supply chain security solutions and resources. 

John Miller, one of three co-chairs of the task force and senior vice president of policy and general counsel at the Information Technology Industry Council (ITI), told FCW the Information and Communications Technology Supply Chain Risk Management Task Force is working to "create actionable tools that can help organizations address various aspects of the supply chain security challenge now, as opposed to just writing reports that collect dust."

The CISA task force is composed of 60 organizations that serve as voting-level members across the IT, communications and public sectors, and "has taken on many different facets" over the last three years, Miller said. It currently has four acting working groups, including a product-marketing team to promote the task force's growing suite of tools and resources available to the public.

Miller suggested the organization – and others like it – should further engage in global collaboration efforts around supply chain resilience to share solutions and better address known vulnerabilities and threats, many of which often include an international impact.

“We’re going to have global supply chains, it only makes sense that we really are going to need global solutions, and that also includes global collaboration,” Miller said at an FCW webcast on Monday.  “As we’re learning in the task force, no one group can really solve these things themselves.”

The task force has published a range of reports, including an analysis on the COVID-19 pandemic and its impact on ICT companies' logistical supply chains, and templates to provide organizations with clarity on an ICT providers' implementation of risk management industry standards. All of the resources the task force produces are free and available to the public, Miller said, though he acknowledged “there is still fairly low awareness that these products even exist.”

Miller said the task force is rolling out a series of webinars to help spread the word of its available resources while looking ahead to the future, and noted the importance public-private partnerships play in addressing major supply chain risk challenges. 

“The government realizes that it does not have full visibility into these global complex supply chains,” Miller said. “On the industry side, it’s certainly the same thing.”