This latest version of the longstanding “Threat Scenarios Report” includes a new topic: the implications of Artificial Intelligence (AI) for the threat landscape and for risk mitigation. It provides guidance for procurement and source selection officials to address a wide range of risk affecting suppliers’ and third parties’ products and services. It identifies threats associated with AI, describes how AI-related threats nest into the broader SCRM threat landscape, and includes a discussion of the considerations, challenges, and benefits AI contributes to supply chain risk management.
This product was developed in 2025 by the ICT Supply Chain Risk Management (SCRM) Task Force, a collaborative public-private body previously organized under the Critical Infrastructure Partnership Advisory Council. It is the result of robust collaboration between members of the Communications and IT Sector Coordinating Councils and was informed by consultative discussions with partners across the U.S. Federal government, including the Cybersecurity and Infrastructure Security Agency (CISA), the Department of Homeland Security (DHS), the Department of State, the Federal Communications Commission (FCC), the Federal Energy Regulatory Commission (FERC), the General Services Administration, the National Institute of Standards and Technology (NIST), and the Nuclear Regulatory Commission (NRC).
