The Senate on Tuesday passed two bipartisan bills by unanimous consent, one authorizing the Department of Homeland Security to provide state and local governments with cybersecurity help and the other to create a training program for federal employees purchasing information technology to spot supply chain risks.
Both bills now go to the House for consideration.
The State and Local Government Cybersecurity Act (S. 2520) allows the Cybersecurity and Infrastructure Security Agency’s National Cybersecurity and Communications Integration Center, upon request, to provide security tools, threat indicators, share information, and conduct exercises with state, local, tribal and territorial governments.
“As we’ve seen from the many recent cyber attacks, hackers with malicious intent can and do attack state and local cyber infrastructure consistently,” Sen. Rob Portman (R-Ohio), ranking member on the Senate Homeland Security and Governmental Affairs Committee and a co-sponsor of the bill, said in a statement. “That’s why I’m pleased the Senate passed this bipartisan bill to strengthen an existing relationship between the Department of Homeland Security and state and local partners to improve coordination and information sharing to help protect our IT infrastructure at all levels of government.”
Sen. Gary Peters (D-Mich.), chairman of the committee, also co-sponsored the bill.
The Supply Chain Security Training Act (S. 2201), which was co-sponsored by Peters and Sen. Ron Johnson (R-Wis.), would create a standardized training program for federal employees involved in purchasing information and communications technology to perform supply chain risk management activities and identify and mitigate supply chain security risks.
“Counterintelligence training for federal workers who buy and sell goods and services for the government is critical, especially at a time when our adversaries are aggressively and relentlessly attempting to breach our systems and steal information,” Johnson said in a statement. “This is valuable training that will help close a potential gap in our cyber and physical security defenses.”