Tuesday, May 10, 2022

S 2201 Passed in House – Supply Chain Risk Training

Today, the House took up S 2201, the Supply Chain Security Training Act of 2021, and passed it by a voice vote with only seven minutes of ‘debate’. Since the same version of the the bill passed in the Senate, the bill now heads to President Biden for signature. There is no indication that the President has concerns about the bill, so it will probably be signed later this week.

The bill would require the General Services Administration to develop “a training program for officials with supply chain risk management responsibilities at executive agencies.” While the term ‘supply chain risk’ is not defined in the legislation, with both CISA and NIST referred to as coordination targets, I would suspect that the crafters were at least partially considering protecting hardware and software against unauthorized manipulation in transit between the manufacturer and the Federal user.

NOTE: S 1097, the Federal Rotational Cyber Workforce Program Act of 2021, also passed in the House this afternoon. Since this is purely a federal workforce issue with little or no potential effect on control system cybersecurity, I have not covered this bill. It also going to Biden for signature.

No comments:

/* Use this with templates/template-twocol.html */