In this episode of Cyber Focus, host Frank Cilluffo talks with Bob Kolasky, Senior Vice President at Exeter and former head of the National Risk Management Center at CISA. The conversation covers key topics related to supply chain risk, security, and national defense. Bob provides insights into the evolving threats within supply chains, especially those linked to cybersecurity and critical infrastructure. He also touches on legislative efforts and the role of public-private partnerships in mitigating risks from foreign actors, particularly focusing on concerns regarding Chinese companies like DJI and Huawei.

Main Topics Covered:

• The hybrid nature of supply chain threats and their intersection with cybersecurity
• Notable supply chain attacks like SolarWinds and the role of software vulnerabilities
• The rise of Chinese technology companies, especially DJI, in U.S. supply chains
• Legislative responses to supply chain risks, including the China Select Committee
• Critical infrastructure sectors and the importance of visibility and resilience in supply chains
• The need for secure alternatives to foreign technologies, particularly in drones and communication systems
• Public-private partnerships to address systemic risks in national security

Key Quotes:
"Supply chain has increasingly become an important element of how nations defend themselves, but also an area of attack." – Bob Kolasky
"We're seeing order of magnitudes improvements in manufacturing techniques that are being enabled by digital. And whenever you say the word digital, you can say the word cyber because a digital supply chain is a potentially cyber-vulnerable supply chain." – Bob Kolasky
"How are we as a country going to see the investments made in alternatives to DJI [drones] so that law enforcement can still get a cost effective solution to meet their mission needs?" – Bob Kolasky
"It’s not just about bringing supplies back here. It’s about friend-shoring and trust-shoring and making sure that there are the instruments of power used to stimulate the development of technologies and markets for technologies that are crucial." – Bob Kolasky
"Let's empower the institutions that Congress has created, the executive branch has created to continue to do this work. Administrations may have different priorities, but the more we jump around... the more we get drawn away from the end state goal, which is more security and resilience." – Bob Kolasky
Relevant Links and Resources:

• National Risk Management Center

Guest Bio:

Bob Kolasky is the Senior Vice President at Exeter and a former leader at the National Risk Management Center at CISA. His career has focused on addressing supply chain risk, cybersecurity, and critical infrastructure. At CISA, he worked on supply chain security efforts, particularly in defense and technology sectors, and was a key figure in developing national policies to protect critical infrastructure from cyber and physical threats.