in Cybersecurity, News

ECS Execs Outline Steps to Strengthen Cyber Supply Chain Risk Management

Keith McCloskey
Keith McCloskey, vice president and chief technology officer at ECS. McCloskey provided four steps for an effective C-SRM
Keith McCloskey VP, CTO ECS

The vulnerability of supply chains to cyber threats is rising and can cause financial, operational and reputational damage to an organization, warned ECSKeith McCloskey, vice president and chief technology officer of national security and civilian, and Charles Walker, senior solutions architect of cyber operations. 

In a new article posted on the ECS website, the executives highlighted the need for organizations to establish an effective cyber supply chain risk management, or C-SCRM, strategy and provided four steps to strengthen their security.

ECS Execs Outline Steps to Strengthen Cyber Supply Chain Risk Management - top government contractors - best government contracting event

ECS is a platinum sponsor of the Potomac Officers Club’s 2026 Cyber Summit on May 21. At the event, Mark Maglin, ECS’ vice president for Department of Defense cybersecurity, will also take the stage with other industry experts to discuss the quantum threat during the Quantum Computing and Post Quantum Cryptography – Preparing for the Next Security Disruption panel. Sign up today to secure your spot.

What Steps Do Organizations Need to Take to Strengthen Supply Chain Cybersecurity?

According to McCloskey and Walker, organizations should treat cybersecurity supply chain risk management as a cross-functional responsibility involving leadership, cybersecurity, procurement, legal and mission teams rather than a siloed technical task.

The executives also recommended building and maintaining a Software Bill of Materials to identify suppliers, assess their mission impact and prioritize oversight of vendors that pose the highest risk.

Additionally, the article emphasized the integration of supply chain risk and cybersecurity requirements early in the procurement process. Doing so would enable organizations to set clear expectations for vendors and avoid costly security gaps later.

Finally, organizations should continuously monitor suppliers and reassess risk over time to detect emerging vulnerabilities.

What Cyberthreats Do Supply Chains Face?

ECS also discussed the rising threats to supply chains in its 2025 Cybersecurity Report published in September. In the report, the company raised concerns over the government and industry’s reliance on software-as-a-service and cloud services, which means organizations have little visibility or control over the supply chain.

The company warned that state-sponsored cyber campaigns are targeting not just critical infrastructures, but supply chains. ECS also noted in the report that hackers can disguise malware as trusted software.

ExecutiveBiz Logo

Sign Up Now! ExecutiveBiz provides you with Daily Updates and News Briefings about Cybersecurity

mm

Written by Elodie Collins

Photo: DecisionPoint
Brian Flood. The DecisionPoint CEO commented on a Navy IT support task order.
DecisionPoint Wins Navy IT Support Task Order
Craig Barratt / Intel
Intel's Craig Barratt. Craig Barratt has been selected to replace Frank Yeary as chairman of Intel's board of directors.
Craig Barratt to Succeed Frank Yeary as Intel Board Chair