Sens. Gary Peters (D-Mich.) and Ron Johnson (R-Wisc.) last week introduced a bipartisan bill to create a training program to help federal employees involved with supply chain management risk to identify products and services that have potential cyber vulnerabilities.
The Supply Chain Security Training Act directs the General Services Administration to work with the Departments of Homeland Security and Defense and the Office of Management and Budget (OMB) to create a standardized supply chain security training program for federal employees. It also directs OMB to develop guidance for agencies to adopt and use the training program and how to select officials to participate in training.
“Recent attacks against American networks show that our foreign adversaries and criminal organizations will stop at nothing to breach federal networks, steal information and compromise our national security,” Peters said in a statement. “Federal employees need to know how to recognize possible threats when they are purchasing software and equipment that could allow bad actors a back door into government information systems.”
The legislation is based on a similar bill the two senators introduced in 2019, the Supply Chain Counterintelligence Training Act.
“Counterintelligence training for federal workers who buy and sell goods and services for the government is critical at a time when our adversaries are probing cyber vulnerabilities to breach our systems and steal information,” Johnson said. “This type of training will help close a potential gap in our cyber and physical security defenses.”