The House on Tuesday passed a bill to authorize the Secretary of Homeland Security to implement security requirements for information relating to supply chain risk.
The Securing the Homeland Security Supply Chain Act of 2018 would give the Secretary of Homeland Security authority to ban foreign IT companies whose services or products are considered risky, or against the interests of the U.S.
The legislation would mandate the DHS chief review and ban agreements with foreign contractors deemed potential threats to the country.
DHS would usually be required to notify contractors about a ban, and give them the opportunity to object to the measure or make changes to address DHS’s concerns. However, that requirement would be dropped if the contractor was believed to pose a significant enough threat. DHS banned the federal government from using Kaspersky software earlier this year, and federal contractors will also soon be required to stop using the anti-virus software.
“There is no question that nation-states and criminal actors are constantly trying to exploit U.S. government and private sector systems to steal information or insert potentially harmful hardware or software,” said the bill’s sponsor, Rep. Peter King, R-N.Y., on the House floor before a voice vote.