Forcepoint’s Eric Trexler: Agencies Should Ensure Supply Chain Security Beyond CMMC Requirements

Eric Trexler
Eric Trexler
Eric Trexler
Eric Trexler

Eric Trexler, vice president of global government sales at Forcepoint, has said that agencies need to incorporate stringent controls to ensure that supplier networks are secure even after they are verified.

Trexler wrote in an opinion piece published Friday on Defense Systems that agencies must implement measures such as threat intelligence, analytics and network segmentation at the supply-chain level to inculcate requirements beyond the Department of Defense’s Cybersecurity Maturity Model Certification program.

He noted that “highly customized” analytics tools can help visualize patterns of normal network and app behavior from the start of the supply chain to end-users.

Uncharacteristic or abnormal patterns such as discrepancies in sensor readings and unusual spending must trigger alerts to ensure timely response and prevention of data breaches, he added.

According to Trexler, suppliers have “extensive access” to classified or sensitive resources that bring risks of sabotage to the global supply chain and U.S. intellectual property.

“Federal agencies must be prepared,” he said. “CMMC represents important progress, but other steps should be in place to respond to an eventual and inevitable breach. We must begin to think differently and assume that the supply chain is compromised and change our operating procedures accordingly.”

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Technology

David Watts
WWT’s David Watts: Data-Driven Culture Key to Advancing Federal Digital Transformation
William Brown
L3Harris CEO William Brown on 2020 Revenue, Workforce Growth Projections