MAR 06, 2019 | US
BSA Submits Supply Chain Security Recommendations to Congress
Politico Morning Cybersecurity, March 7, 2019
By Tim Starks
The Pentagon’s supply chain security program should accommodate businesses concerned about “opaque” decisions to ban their products from military networks, the software trade group BSA said Wednesday in a letter to the leaders of the House and Senate Amed Services committees. The most recent defense policy bill gave the Pentagon the authority to put companies on blacklists if their products are deemed insecure or risky, and BSA said that while it understood the need for these “potent tools,” there was “a risk that such opaque processes” would encourage foreign governments to make “non-risk management-based protectionist” decisions.
BSA recommended that this blacklist program be amended to require “processes to, absent exceptional circumstances, notify vendors excluded from a competition of their exclusion and the reasons for it and to ensure a viable means of protesting or appealing the exclusion decision.” The letter also made recommendations about supply chain research, vendor contract language, and relying on industry standards. And it encouraged Congress to direct the Pentagon to buy commercial off-the-shelf software wherever appropriate.
Original Posting: https://www.politico.com/newsletters/morning-cybersecurity/2019/03/07/next-up-at-rsa-election-security-dhs-and-nsa-536861
关于 BSA
The Business Software Alliance (www.bsa.org) 是全球软件行业的主要倡导者,旨在代表该行业,向政府和国际市场发声。其成员包括全球最具创新力的公司,这些公司制定的软件解决方案,不但能够刺激经济,还能提升现代生活的品质。