Government agencies need to pay more attention to supply chain security
Government agencies seeking the lowest bidders typically overlook cybersecurity when awarding contracts, and data breaches are the result, says a security rating expert.
According to a review of 25 defense contractors by BitSight Technologies, the median security rating of these vendors is lower than the median rating in the financial sector.
And these contractors are subject to higher security scrutiny than those at other agencies.
“Given the background and experience of the businesses involved, I would expect that the civilian agency government contractor ratings would be lower,” said Jake Olcott, vice president at BitSight and a former cybersecurity adviser to the Senate Commerce Committee.