EastWest Institute Introduces New Report Offering Framework to Manage Cyber Supply Chain Risk
The EastWest Institute (EWI) today released a new report, Weathering TechNationalism: A Security and Trustworthiness Framework to Manage Cyber Supply Chain Risk, designed to enhance information and communications technology (ICT) security and trustworthiness by balancing competing national interests. The report warns against relying on “TechNationalism”—measures that favor ICT products and services sold by companies headquartered domestically or in allied states—when it may lead to unintended, negative consequences.
“Though bans of companies or countries can be useful as statements of concern, they may also create a false sense of security,” said EWI Executive Vice President Bruce McConnell, who oversees the institute’s Global Cooperation in Cyberspace program and led the development of the report. “Weathering TechNationalism encourages a more realistic approach—mitigating cyber risks by applying well-known cybersecurity practices to critical digital infrastructure.”
Click here for the full report. Chinese version coming soon.
Weathering TechNationalism provides policymakers, regulators, and corporate executives a five-part framework for mitigating supply chain risk in a holistic way. The framework lays out measures of assurance, transparency, and accountability that ICT buyers, operators, and vendors can implement jointly.
Supplementing this framework, the report recommends several balanced, risk-informed policy measures—in accordance with national and industry-specific policy goals—that may further ICT and supply chain security and avoid the negative consequences of TechNationalism. The action roadmap provides a whole-of-society approach and recommends that policymakers:
- Enable threat and vulnerability information sharing,
- Require diverse sources of supply,
- Make strategic science and technology investments,
- Consider narrow national security exceptions, and
- Review and adapt national supply chain security goals and policies.
The report builds on previous work prepared by the EWI Breakthrough Group on Increasing the Global Availability and Use of Secure ICT Products and Services. Throughout the report’s development, primary authors, Andreas Kuehn and Bruce McConnell, worked in tandem with a wide range of industry experts, receiving substantive commentary and feedback.