Across the U.S. government, Federal CISOs and CIOs are working to address potential vulnerabilities on the new “front lines” of defense: cybersecurity and the software supply chain. The SolarWinds and Colonial Pipeline cyberattacks raised more widespread visibility and understanding of the impact of these threats, and in the months that have followed, a cadre of new mandates, draft legislation, and operational directives are taking aim at solving existing vulnerabilities and preventing new ones.