On a daily basis the media covers confirmed threats against the U.S. national security, the U.S economy, and U.S. interests abroad. Due to the exponential growth of Internet capabilities and the difficulties in protecting data in a networked world we now have serious vulnerabilities in our businesses, data and intellectual property. Our reliance on computer networks for managing everything from our highly-regulated industries and power grids, to our personal finances has made the Information Technology (IT) supply chain a prime target for anyone wanting to disrupt our economy and way of life.
The supply chain is now recognized as one of the most exploitable processes in all business and operational domains. The threat landscape includes exploits for all the software, hardware and firmware that comprise an information system. Specifics include intentional tampering, malicious modification, insertion of malware (viruses, worms, spyware, logic bombs, rootkits and data exfiltration code) into software and firmware, modified computer chips, replacement of legitimate components with modified ones, insertion of low quality counterfeit components as well as data corruption, loss, theft or modification. Recent studies have identified up to 30% of electronic components within the Information and Technology (IT) industry are counterfeit and do not meet the specifications for normal use.
Global Guardian, LLC has developed a proprietary framework and associated processes and services that will provide the required security and supply chain integrity to protect end users. This includes establishment of:
- Cybersecurity processes to ensure quality of components moving through the supply chain
- Cybersecurity processes and controls to protect the supply chain from counterfeit components
- Cybersecurity processes and controls to document the movement and condition of select components'
- Verification and validation controls to ensure component integrity
- Online documentation for customer authentication