SA-12(8) — Use of All-source Intelligence

Use all-source intelligence to inform supply chain risk decisions. Threat intelligence about vendor compromises, nation-state targeting of supply chains, and counterfeit component risks should factor into your procurement decisions.

Example 1: Before procuring critical components, check government advisories and sanctions lists to verify the manufacturer is not a known supply chain risk. CISA, NSA, and FBI regularly publish advisories about compromised supply chains and vendors with known security concerns.

Example 2: Subscribe to supply chain threat intelligence feeds specific to your industry. For defense contractors, the DIB ISAC and DCSA provide intelligence about supply chain threats targeting the defense industrial base. Use this intelligence to adjust your vendor risk assessments and procurement decisions.