IT supply chain security is undergoing closer scrutiny as state and local government IT leaders grapple with ransomware, discover new vulnerabilities and confront the possibility of another SolarWinds type of attack. In the SolarWinds attack, an update in software created a backdoor for cybercriminals to enter systems and silently wreak havoc in many private sector firms as well as federal, state and local agencies. The massive attack is still under investigation, and recent reports indicate the perpetrators may have also turned cloud platforms and other vendors’ products into potential attack vectors.