CISA: Information and Communication Technology Supply Chain – Lessons Learned During the COVID-19 Pandemic


Critical Infrastructure Colleagues and Partners,


The impacts of the COVID-19 pandemic on the information and communications technology (ICT) sector’s supply chains are still unfolding. To understand how companies in this space have been impacted, and to identify lessons learned about supply chain vulnerabilities and the potential ways to address them going forward, the ICT Supply Chain Risk Management (SCRM) Task Force, a partnership between the IT and Communications Sector Coordinating Councils and the Cybersecurity and Infrastructure Security Agency (CISA) and other federal departments and agencies, developed a Report in the midst of the pandemic, that uncovers these impacts and makes practical recommendations to build supply chain resilience. The Report finds that the global ICT supply chains were most impacted during the pandemic by issues related to sourcing from a single source or a single region, inventory management, and supply chain transparency.  These issues had surfaced prior to the pandemic and still continue today.


We hope that you find this Report to be helpful in enhancing your organization’s supply chain resilience.  Please email us if you are interested in having a Task Force member speak with your organization about this and other Task Force products or on how to incorporate them into your organization’s security program. For additional free, voluntary resources and information on how to reduce the impact of supply chain risk, visit CISA's Supply Chain Risk Management Toolkit. In addition, please view the video below to learn more about the Report.


Video: ICT Supply Chain Lessons Learned During the COVID-19 Pandemic




Steve Lyddon

Protective Security Advisor, Region 5, Illinois

Cybersecurity and Infrastructure Security Agency

Cell:  217-299-3954 |