Senators introduce bipartisan bill to detect supply chain risks posing threats to national security

Senators introduce bipartisan bill to detect supply chain risks posing threats to national security
© Greg Nash

A bipartisan set of senators rolled out a bill Tuesday that aims to establish a council responsible for evaluating supply chain risks that could impact national security as well as create a clear path for authorities to deal with threats once they are uncovered.

Sens. Claire McCaskillClaire Conner McCaskillMcCaskill: Lindsey Graham 'has lost his mind' Trey Gowdy joins Fox News as a contributor The Hill’s 12:30 Report: Trump AG pick Barr grilled at hearing | Judge rules against census citizenship question | McConnell blocks second House bill to reopen government MORE (D-Mo.) and James LankfordJames Paul LankfordGOP advances rules change to speed up confirmation of Trump nominees GOP senator calls Omar's apology 'entirely appropriate' New battle lines in war over Trump’s judicial picks MORE (R-Okla.) introduced the The Federal Acquisition Supply Chain Security Act (FASCSA) following concerns from lawmakers about the use of products developed by foreign countries.

The concerns were magnified by controversies surrounding Russia-based Kaspersky Labs and ZTE, a China-based telecommunications firm.

ADVERTISEMENT

The Senate bill would require the Federal Acquisition Security Council to develop criteria for assessing supply chain threats. It would be required to consult the private sector on the development of such policies, and call on the government to develop a strategy to deal with the risks.

The new legislation comes after the Senate passed an annual defense policy bill on Monday that included a provision that blocks President TrumpDonald John TrumpBill Kristol resurfaces video of Pence calling Obama executive action on immigration a 'profound mistake' ACLU says planned national emergency declaration is 'clear abuse of presidential power' O'Rourke says he'd 'absolutely' take down border wall near El Paso if he could MORE’s deal to save ZTE and instead places penalties against the company.

Late last month, a federal judge dismissed Kaspersky Lab's two lawsuits alleging that the federal government and Congress acted unlawfully to ban products developed by the cybersecurity firm over security concerns.

The Department of Homeland Security (DHS) issued a directive last year to remove Kaspersky Lab products, which removed and banned Kaspersky software over concerns about the firm's ties to the Russian government.

Congress passed the 2018 National Defense Authorization Act (NDAA) following the directive, a move that came after lawmakers because increasingly concerned that U.S. computer systems were using Kaspersky software.

“For years, the Intelligence Community was aware of the risk that Kaspersky Labs antivirus products posed to national security, but that information was not widely shared with other government agencies,” the press release says.

McCaskill, the top Democrat on the Senate Homeland Security and Governmental Affairs Committee, said the new bill will help boost cybersecurity in the country by identifying supply chain threats before they get fully integrated into the federal government’s systems.

“We can’t simply respond to supply chain threats piecemeal, we’ve got to have a system in place to assess these risks across the government, and that’s what this bipartisan bill does,” McCaskill said in a statement.

Lankford said the bill will clearly lay out how each federal agency addresses security threats as they enter the supply chain.

“This bipartisan bill will help to clarify each government agencies’ role and responsibility and protect the federal government from IT security threats through strengthening supply chain risk management,” Lankford said in a statement.