The National Counterintelligence and Security Center (NCSC) and its partners in government and industry today launched the 6th annual “National Supply Chain Integrity Month.” The theme for this year’s month-long awareness campaign is “Supply Chain Risk Management (SCRM) – The Recipe for Resilience.”
SCRM is vital to help address counterintelligence (CI) and security risk and is a tool for managing logistics and acquisition aspects of the supply chain. NCSC encourages its partners to apply CI SCRM methodologies to protect U.S. critical supply chains from risks posed by nation states and other threat actors. CI SCRM tools provide government and industry with methods to defend against known threats to U.S. supply chains while building resilience against future risks.
Nation states and other threat actors have ramped up their efforts to exploit critical supply chains that cut across U.S. government and industry. For example, “China uses access to its vast market and control over critical supply chains as tools to force foreign companies and to coerce foreign countries to allow the transfer of technologies and intellectual property,” according the 2023 Annual Threat Assessment (ATA) of the U.S. Intelligence Community.
The 2023 ATA also cited the risk of supply chain disruption stemming from China’s central role in global supply chains for semiconductors, critical minerals, batteries, solar panels, pharmaceuticals, and other technology sectors. “In a speech in April 2020, [China’s President] Xi noted his intentions to increase global supply chain dependencies on China, with an aim of controlling key supply chains and being able to use those supply chain dependencies to threaten and cut off foreign countries during a crisis,” according to the ATA.
Given this threat landscape, the need for supply chain resilience is critical. Organizations should include all aspects of SCRM into their recipe for resilience, including acquisition security, information security, CI, insider threat risk mitigation, and cybersecurity. A comprehensive and resilient SCRM program allows an organization to know where to take risks and where and when to implement mitigations throughout the supply chain lifecycle.
Throughout April, NCSC will be teaming up with the Office of the National Cyber Director, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Department of Defense, foreign allies, private industry, and other partners to develop a recipe for resilience that increases awareness of supply chain threats, shares best practices on risk management, and identifies ways to enhance cooperation. The “Recipe for Resilience” theme builds upon efforts by the U.S. Government, its foreign allies, and industry partners to rebalance global supply chains and make them more transparent, secure, resilient, and trustworthy.
This year’s National Supply Chain Integrity Month will feature the dissemination of numerous public products and include events sponsored or supported by participants from government, academia, and the private sector. Events will range from small, classified briefings to large unclassified public functions. These activities will focus on key supply chain topics, such as microelectronics, critical minerals, space, cloud, zero trust architecture, abuse of trusted relationships, venture capital risk management, cross-border SCRM, and SCRM best practices.
A center within the Office of the Director of National Intelligence, NCSC is the nation’s premier source for counterintelligence and security expertise and is a trusted mission partner in protecting America against foreign and other adversarial threats.