The bipartisan leaders of the Senate Homeland Security and Governmental Affairs Committee have introduced a bill (S-2201) to help protect against cybersecurity threats and other technological supply chain security vulnerabilities that arise when the federal government purchases services, equipment or products.
The measure would create a standardized training program to help federal employees responsible for purchasing services and equipment identify whether those products could compromise the federal government’s information security.
It further would order the GSA to create a supply chain security training program for federal officials with supply chain risk management responsibilities and require OMB to develop guidance for federal agencies to adopt and use the training program and how to select officials to participate in the training.
Sponsors said the bill would build on a recent executive order from President Biden that made it easier for federal agencies to share threat information, modernize their cybersecurity infrastructure and enhance federal software supply chain security in the wake of recent serious breaches.
“Federal employees need to know how to recognize possible threats when they are purchasing software and equipment that could allow bad actors a back door into government information systems. This bill will help strengthen national security by safeguarding against cybersecurity vulnerabilities and other threats posed by the technology our government uses,” said chairman Sen. Gary Peters, D-Mich.