Jane Edwards
Alex Whitworth, director of sales and CMMC program executive at Carahsoft Technology, said agencies should build up their security defense and have a backup response plan in place to protect their supply chains and data from cybersecurity breaches.
He wrote in a blog post published Wednesday about a number of factors agencies should consider to personalize their security and these are having a clear understanding of their software supply chain ecosystem and monitoring data within the supply chain by paying attention to data locality and establishing a consistent communication line with third-party suppliers.
According to Whitworth, agencies should safeguard classified data by conducting risk assessments, upskilling information technology security teams, creating incident response plans and using endpoint detection and other artificial intelligence-based software to detect threats.
In the event of a supply chain attack, Whitworth said agencies should mitigate harm by informing potentially affected customers and partners, performing a defense assessment to detect where the breach has occurred and establishing incident response and recovery plans.
He also discussed how the Department of Defense’s Cybersecurity Maturity Model Certification program and other security standards could help agencies protect sensitive data from supply chain attacks.
