The DHS Software Supply Chain Risk Management Act of 2021 was sponsored by Rep. Ritchie in October. The sponsorship was intended to fortify the infrastructure of the Department of Homeland Security (DHS), giving it visibility into supply chain software and improving the nation’s cyber security. This new law will help ensure the future of supply chain security by providing increased visibility of infrastructure.
What Does the DHS Software Supply Chain Risk Management Act of 2021 Mean for Vendors?
All the supply chain members of different network channels have to submit the list of software that they are using. Because the software in use varies, ranging from ERP to MRP, each contractor is bound to submit the list of its own software. They also have to send an authentic certification stating that every item in the bill of materials (BOM) is free from any vulnerabilities or defects that could create a possible network breach.
Having the list and certification will allow the DHS to work thoroughly and see whether there is any vulnerability that needs to be fixed.
Importance of Supply Chain Visibility (SCV) in Cybersecurity
Every supply chain has a set of different contractors, and each contractor has various employees working under them, so it’s possible for security measures to have been compromised. Supply chain visibility (SCV) will be beneficial for everyone. Since the SolarWinds attack, the supply chain industry has woken up.
There are different vendors in a channel network. When a vendor supplies to a customer, they can easily be infected by malware, and that one piece of malware could destroy the network security of the whole supply chain.
It is important to educate your vendors about cyber security and encourage them to accept the reality of cyberbullying.
Benefits of the DHS Software Supply Chain Risk Management Act of 2021
As mentioned earlier, every vendor uses a different kind of software. If DHS has all the required information and resources, it can track down the possible vulnerabilities and then find a way to fix them.
Vendors shouldn’t feel restricted from sharing all the necessary information, as they can get a huge benefit from checks and balances. The best thing is that it will benefit the whole supply chain, as the root cause of the problem will be identified. Suppliers don’t have to worry about hackers, as they will be under the control of DHS, which will keep the hackers at bay.
The main aim of DHS is to have supply chain visibility. This visibility directly implies more efficiency and effectiveness. Moreover, SCV reduces the risk of security breaches, and vendors and contractors don’t have to worry about their software credibility issues. Soon people will realize that a secure system is way better than an affordable system.