The project engages current and former officials in the most advanced cyber states to discuss the potential benefits of agreeing to constrain purposeful manipulations of the ICT supply chain. In parallel, the project, led by Ariel Levite, engages with large technology supplying and procuring companies to motivate them to make related commitments to enhance supply chain integrity.
Additionally, this project encompasses Carnegie’s efforts to engage global policymakers and industry on the issue of vulnerabilities management, led by Katherine Charlet. The project promotes policy recommendations for international action and convenes top officials, business leaders, and experts for dialogues on vulnerabilities equities processes and vulnerability disclosure.
Reliable information and communication technology / operational technology products and services are an indispensable part of modern life. But much of their performance hinges on efficient and secure supply chains that have minimal inadvertent flaws or vulnerabilities and that guard against harmful interventions.
The Carnegie Endowment for International Peace is pleased to host an international conference focused on government vulnerability management.
The U.S. government’s release of the Vulnerability Equities Process charter reversed a previous posture of secrecy, and emphasized that blanket secrecy about vulnerabilities is an antiquated approach.