The Senate passed legislation that would establish an interagency council with authority to develop rules for federal supply chain security.
The Federal Acquisition Supply Chain Security Council will be charged with the development of National Institute of Standards and Technology guidelines on supply chain risk management, crafting information-sharing protocols between federal and non-federal entities, establishing a lead agency to oversee the information-sharing process and looking into broadly applicable contracting solutions, such as subscription services or machine learning-enhanced analysis, that can guide procurement decisions.
It will also develop the criteria for exclusion or removal orders issued by cabinet secretaries to prohibit agencies from purchasing certain products or mandate removal of software from their information systems based on supply chain risks.
The bill was sponsored by former Sen. Claire McCaskill (D-Mo.).
"The Senate passage of this bill helps the federal government move in the right direction to strengthen cybersecurity vulnerabilities," said Sen. James Lankford (R-Okla.), one of the bill's co-sponsors. "We must have a process in place to address security threats in our supply chain before they become security realities. We should learn from past mistakes in purchasing and close our security gaps."