WASHINGTON, DC – U.S. Senator Gary Peters (MI), Chairman of the Homeland Security and Governmental Affairs Committee, introduced bipartisan legislation to help protect against cybersecurity threats and other technological supply chain security vulnerabilities that arise when the federal government purchases services, equipment, or products. The Supply Chain Security Training Act would create a standardized training program to help federal employees responsible for purchasing services and equipment identify whether those products could compromise the federal government’s information security.
“Recent attacks against American networks show that our foreign adversaries and criminal organizations will stop at nothing to breach federal networks, steal information, and compromise our national security,” said Senator Peters. “Federal employees need to know how to recognize possible threats when they are purchasing software and equipment that could allow bad actors a back door into government information systems. This bill will help strengthen national security by safeguarding against cybersecurity vulnerabilities and other threats posed by the technology our government uses.”
Training and preparing federal acquisitions employees to recognize and mitigate these growing threats is an essential step in preventing hostile actors from compromising America’s national security. Recent breaches of federal information systems exploited vulnerabilities in the SolarWinds and Microsoft Exchange networks, highlighting the need for robust technological supply chain security and the importance of ensuring agency personnel responsible for managing these resources are well versed and up-to-date on cybersecurity threats and other attempts to steal sensitive or valuable information.
The Supply Chain Security Training Act directs the General Services Administration (GSA), in coordination with the Department of Homeland Security (DHS), Department of Defense (DOD), and the Office of Management and Budget (OMB), to create a supply chain security training program for federal officials with supply chain risk management responsibilities. The bill would also require the Office of Management and Budget (OMB) to develop guidance for federal agencies to adopt and use the training program and how to select officials to participate in the training.
The bill is based on similar legislation Peters introduced last Congress. The legislation also builds on a recent executive order from President Biden that made it easier for federal agencies to share threat information, modernize their cybersecurity infrastructure and enhance federal software supply chain security in the wake of recent serious breaches.
As Chairman of the Homeland Security and Governmental Affairs Committee, Peters has led efforts to secure our nation’s cyber networks and critical infrastructure. A provision authored by Peters to increase our government’s ability to quickly respond to cyber-attacks that could compromise federal supply chains, such as recent breaches of the SolarWinds and Microsoft Exchange networks, passed the Senate as part of a larger package to boost American competitiveness. As a part of the American Rescue Plan Act, Peters helped secure nearly $2 billion to modernize federal information technology systems, bolster federal cyber defenses and guard against attempts to attack technological supply chains and networks critical to our pandemic response. In April, the Senate also passed his provision to help protect our nation’s public water infrastructure technology systems, following recent cyber-attacks on water utilities.
###
