The US government is aiming to raise awareness of how supply chain vulnerabilities can impact national security.
In a video the government said the “integrity of the supply chain” was the missing piece in most companies' defence against espionage and subversion.
“Across government and industry, organisations have information and technologies that need to be protected from theft by foreign adversaries,” it said. “A common vulnerability increasingly being exploited is the acquisition supply chain.”
Released on YouTube by the Office of the Director of National Intelligence (ODNI), the video is part of a campaign by the National Counterintelligence and Security Center (NCSC) aimed at raising awareness of the security risks posed by global supply chains.
The risks include the possibility “mission critical” products and services “contain defective, counterfeit or otherwise tainted components, such as compromised telecommunications equipment”, ODNI said.
It also warned “adversaries” could attempt to subvert an organisation by targeting components in their supply chain.
The video recommends acquisition and procurement officers are “fully integrated with other organisational components” and said buyers needed to practice due diligence.
“Make sure your acquisition team is asking the right questions before procuring a particular product or service from an outside company,” it said.
"Questions like: who are their strategic partners and subcontractors; are they associated with organisations that are competitive or adversarial with the United States; [and] how do they manage their own supply chain risk?”
As well as the video, NCSC said it would provide threat briefings to US government partners and, eventually, to industry. It also said it was developing supply chain risk management blueprints and publicly available online training courses to help buyers protect against “supply chain subversion”.
☛ Want to stay up to date with the news? Sign up to our daily bulletin.