Jake Olcott, vice president of strategic partnerships at BitSight, said government agencies across the country "must address cyber risks to their vendors."
"Agencies rely on hundreds, if not thousands of vendors -- like GovPayNow -- to provide critical services, maintain sensitive citizen data, and perform key functions," Olcott wrote via email. "While agencies are spending significant amounts of money protecting themselves, they often fail to ask even the most basic cybersecurity questions of their vendors. The bad guys know this and are now shifting their attacks to the supply chain."