Senate Bill Would Train Federal Buyers to Spot Counterintelligence Threats

Senate Bill Would Train Federal Buyers to Spot Counterintelligence Threats

Senators from both sides of the political aisle introduced new legislation Friday to confront cybersecurity vulnerabilities in the federal government’s information technology procurement and lifecycle process.

The Supply Chain Counterintelligence Training Act, introduced by Sens. Gary Peters, D-Mich., and Ron Johnson, R-Wis., seeks to establish a counterintelligence training program for federal insiders who work on supply chain risk management to ensure that everyone involved can identify and mitigate threats that arise during government buying.

“America’s adversaries use any means necessary to gain access to valuable and sensitive government information, including possibly inserting compromising code into products or enlisting untrustworthy IT support personnel to exploit government systems,” Peters said in a statement.

The bill aims to create a governmentwide approach to securing information and communications technology.

“Counterintelligence training for the federal workers buying and selling goods and services for the government is critical at a time when our adversaries are seeking every possible entry point to breach our systems and steal information,” Johnson said in a statement. “This type of training will help close a potential gap in our cyber and physical security defenses.”

The legislation requires leadership from the Office of Management and Budget, National Intelligence, Homeland Security Department and General Services Administration to “establish and implement” a counterintelligence training program for agency insiders with supply chain risk management responsibilities.

It also directs agencies to regularly update Congress on the program’s implementation.

A spokesperson from the Committee on Homeland Security and Governmental Affairs also told Nextgov that the bipartisan bill “aims to prevent adversaries from gaining a foothold in the nation’s technological supply chain—a risk that has become more salient for cybersecurity professionals in recent years due to the risks associated with acquiring pro ..

Support the originator by clicking the read the rest link below.