The Department of Homeland Security sees its role in supply chain security as providing risk management advice, not a buying guide.
Although it is responsible for protecting the IT operations of the private electrical, financial and other critical infrastructure providers, “we can’t tell them what to buy,” said Matthew Travis, deputy under secretary at the Department of Homeland Security’s National Protection and Programs Directorate. “We’re not Consumer Reports.”
What DHS can do, Travis said during an Oct. 19 AFCEA DC lunch panel on supply chain cybersecurity, is share threat information with those providers and explain the threat it sees.
