MITER’s New ‘Trust System’ Protects Vulnerable Supply Chains

SAN FRANCISCO–(BUSINESS WIRE)–Tomorrow at the RSA 2022 conference, MITER will unveil its newtrust systema framework to provide a comprehensive, community-driven knowledge base of supply chain security risks and a customizable security risk assessment process for use by any organization within the security ecosystem. the supply chain. For the first time, there is a free and open platform that will help companies identify, discuss and quantify risks in key supply chains and with suppliers, including software security issues.

“MITER serves as a trusted advisor to governments and organizations in assessing potential risks and vulnerabilities in their systems,” said Robert Martin, Principal Software and Supply Chain Assurance Engineer at MITRE. “Now we are taking what we have put into practice for ourselves and our sponsors and making it available to the cyber community as a whole to help all organizations speak the same language when analyzing cyber threats and other supply chain threats.”

US supply chains are under pressure and critical shortages are affecting communities across the country, but vital consumer products aren’t the only vulnerability. Hackers present massive threats, as the costly SolarWinds and Log4j cyberattacks have clearly shown. The Trust System provides a proactive approach to identifying and mitigating threats, before they arise.

“At MITRE, we are committed to solving problems for a safer world, ensuring everyone has access to appropriate risk management tools,” said Wen Masters, Vice President, Cyber ​​Technologies, MITRE. “For over 50 years, MITER has provided free cyber resources to keep our communities safe. The Trust System Framework continues our progress in this endeavor, enabling a more secure supply chain so that goods and services can be delivered even in threatened and contested environments.

The Trust System includes 14 areas of risk that organizations should assess in their acquisition and day-to-day operations, and it delves deeper with more than 2,200 specific supply chain security risk questions, assessing the extent to which each vendor identifies and addresses integrity and security. software, hardware, services and the organizations that provide them. Each risk is scored and prioritized to identify vendor strengths and weaknesses. The framework provides a common vocabulary of supply chain security risks that can be understood by all suppliers, supplies and services, reducing communication barriers and the risk of misunderstanding.

“The trust system identifies risk and encourages decision-making using a data-driven approach,” Masters added. “MITER strives to bring innovation and data together for the public good, and we’re excited to see how the cyber community is using the trust system to take risk mitigation to the next level.”

MITER will launch the Trust System website at RSA and followed up with a Supply Chain Summit on July 27.

About MITER

MITER’s mission-driven teams are dedicated to solving problems for a safer world. Through our public-private partnerships and federally funded R&D centers, we work across government and in partnership with industry to address security, stability and well-being challenges. to be of our nation. Learn more about miter.org.

© 2022 MITER #22-1821 06-07-2022

Comments are closed.