NEW SENATE BILL
A bipartisan bill introduced in the Senate on Thursday would attempt to address cybersecurity threats to the federal government stemming from the use of potentially insecure third party services.
The Supply Chain Security Training Act, introduced by Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters (D-Mich.) and Sen. Ron Johnson (R-Wis.), would establish a training program for federal employees tasked with purchasing information technology products for agencies.
The General Services Administration would coordinate with the Department of Homeland Security, the Department of Defense, and the Office of Management and Budget (OMB) in creating the program, and OMB would be required to develop guidance for federal agencies to understand how to implement the program.
The bill was introduced more than six months after the SolarWinds hack was discovered in December, one of the largest cyberattacks in U.S. history. The incident involved Russian government hackers exploiting a software update from IT group SolarWinds to compromise its customers, which included nine federal agencies and 100 private sector groups.