CybersecuritySecurity NewswireSecurity Leadership and ManagementSecurity & Business ResilienceCybersecurity NewsGovernment: Federal, State and LocalTransportation/Logistics/Supply Chain/Distribution/ Warehousing

Congress passes DHS software supply chain bill

By Madeline Lauver

Members of the House of Representatives recently voted to pass the Department of Homeland Security (DHS) Software Supply Chain Risk Management Act of 2021 (H.R. 4611), a measure aiming to further secure software provided to DHS by contractors.

According to the new act, the DHS under secretary will issue guidance on future and ongoing software contracts. The bill specifies that new and existing contractors must provide certification that each item provided in their contract is free of known vulnerabilities and defects affecting the security of the end product or service. In order to provide this certification, contractors can reference the National Institute of Standards and Technology Vulnerability Database or any other database that tracks software security defects and vulnerabilities designated by the DHS under secretary in coordination with the director of the Cybersecurity and Infrastructure Agency.

The DHS guidance is expected to be released 180 days after the bill's enactment.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Madeline Lauver is a former Editor in Chief at Security magazine. Within her role at Security, Lauver focused on news articles, web exclusives, features and several departments for Security’s monthly digital edition, as well as managing social media and multimedia content.