admin Today, the House took up S 2201, the Supply Chain Security
Training Act of 2021, and passed it by a voice vote with only seven minutes of ‘debate’.
Since the same version of the the bill passed
in the Senate, the bill now heads to President Biden for signature. There
is no indication that the President has concerns about the bill, so it will
probably be signed later this week.
The bill would require the General Services Administration
to develop “a training program for officials with supply chain risk management
responsibilities at executive agencies.” While the term ‘supply chain risk’ is
not defined in the legislation, with both CISA and NIST referred to as
coordination targets, I would suspect that the crafters were at least partially
considering protecting hardware and software against unauthorized manipulation
in transit between the manufacturer and the Federal user.
NOTE: S
1097, the Federal Rotational Cyber Workforce Program Act of 2021, also
passed in the House this afternoon. Since this is purely a federal workforce
issue with little or no potential effect on control system cybersecurity, I
have not covered this bill. It also going to Biden for signature.
