Cybersecurity and Supply Chain Requirements within BEAD

 

The Broadband Equity, Access, and Deployment (BEAD) Cybersecurity and Supply Chain Risk Management requirements - what Broadband providers need to know in order to be ready for the grant application. 

 

 

Get In Touch with BorderHawk

Your Broadband Compliance Partner 

Cybersecurity, Supply Chain Risk Management, and Grant Management solutions designed for rural broadband providers.

Contact Us



Learn more about the Cybersecurity and Supply Chain Risk Management requirements. 

Request your copy of our free guide by completing the form below.
You will be directed to a page with the documents available for download. 

Pleases complete the form below.



Cybersecurity and Supply Chain Risk Management (SCRM) 
Consulting Services

Assisting broadband providers with baseline guidelines, measures, and controls for cybersecurity and SCRM.

project-details
Are You Ready for BEAD?

How can you tell if you are BEAD cybersecurity & SCRM ready?

Have you documented a current depiction of your cybersecurity posture against NIST CSF 1.1?  (This is the as-is profile).
Have you conducted an asset-based risk assessment?
If so, have you created a target profile?
Do you have a Plan of Action and Milestones (POAM)?
Do you have a complete asset inventory prioritized by vendor?

If your answer is NO to any of these questions, you are NOT ready! 



Frequently Asked Questions

Get the details about BorderHawk's phased approach to the BEAD Cybersecurity and Supply Chain Risk Management requirements.

The requirements for cybersecurity and supply chain risk management (SCRM) are found on page 70 of the BEAD NOFO.

The requirements are based on the NIST CSF and Executive Order 14028, and NISTIR 8276 and NIST 800-161 for SCRM requirements. 

The prospective subgrantee has a cybersecurity risk management plan (the plan) and SCRM plan in place that is either:

  1. Operational, if the prospective subgrantee is providing service prior to the award of the grant; or

  2. Ready to be operationalized upon providing service, if the prospective subgrantee is not yet providing service prior to the grant award.

If the answer is no to any of the following, then you are not ready.

  • Do you have an as-is profile?
  • Do you have a target profile?
  • Do you have an asset-based risk assessment?
  • Do you have a Plan of Action and Milestones (POAM)?
FAQ Image
FAQ Shape Image

Proudly Supporting Our Partners in Rural Broadband