Speaker Series

NCCoE Learning Series Fireside Chat: Federal Government Perspectives on Managing Supply Chain Cybersecurity Risks to Computing Devices

NCCoE Learning Series Webinar

Date/Time: Thursday, September 30, 2021 | 3 p.m. EDT Duration: 30 minutes plus Q&A Technical Level: Foundational


Organizations today face an extraordinarily complex challenge in verifying that the internal components of computing devices are genuine and have not been altered during manufacturing and distribution processes. By the time a computing device reaches an end user, it has gone through a web of interdependent supply chain participants—component manufacturers, sub-contractors, suppliers, distributors, etc. Supply chain cybersecurity risks, such as counterfeiting, unauthorized production, tampering, theft, and insertion of unexpected software and hardware, can affect an organization’s overall cybersecurity posture. Managing these cyber risks requires ensuring the integrity of the computing device supply chain and its products and services. 

During this fireside chat we will explore:

  • how and why attackers target computing device supply chains
  • challenges organizations are facing, and how they can begin addressing the integrity of their computing devices
  • steps to take if you suspect or confirm a device has been tampered with
  • lessons learned from recent hardware/firmware supply chain attacks
  • how the NIST National Cybersecurity Center of Excellence is addressing supply chain assurance of computing devices