04.12.18

Bipartisan, bicameral bill from Sens. Coons, Graham, Gillibrand & Reps. Panetta, Gallagher addresses cybersecurity vulnerabilities in the defense supply chain

Bill authorizes the Department of Defense and the highly successful Hollings Manufacturing Extension Partnership (MEP) program to aid suppliers of the Department of Defense in complying with new cybersecurity requirements.

WASHINGTON – U.S. Senators Chris Coons (D-DE), Lindsey Graham (R-SC), and Kirsten Gillibrand (D-NY), along with Congressmen Jimmy Panetta (D-CA) and Mike Gallagher (R-WI), today introduced the Enhance Cybersecurity for Small Manufacturers Act, which gives the Department of Defense and MEP program additional tools to help small manufacturers in the defense supply chain eliminate potentially significant cybersecurity risks. 

As of December 2017, Department of Defense suppliers must comply with new, tougher cybersecurity requirements to ensure information relevant to defense manufacturing supply chains is protected. 

The Hollings Manufacturing Extension Partnership (MEP) Program interacted with over 1,000 small manufacturers regarding the Department of Defense’s cybersecurity requirements. This outreach by the MEP program revealed a significant lack of awareness of the new cybersecurity requirements among small manufacturers in the defense supply chain and a deficiency of financial and technical resources required to manage cybersecurity risks. 

If cybersecurity vulnerabilities remain unaddressed, defense supply chains face a higher likelihood of serious and exploitable vulnerabilities, as well as a substantial reduction in the number of suppliers compliant with Department of Defense requirements, and therefore ineligible to provide products and services to the Department of Defense.  

The bill will help small manufacturers by: 

  • Requiring the dissemination of cybersecurity resources to raise awareness of new requirements and best practices in order to address a widespread lack of awareness of cybersecurity threats among small manufacturers in the defense industrial supply chain. 
  • Authorizing MEPs to conduct voluntary self-assessments of small manufacturers in order to understand operating environments, cybersecurity requirements, and existing vulnerabilities.
  • Authorizing MEPs to help small manufacturers implement security measures that are adequate to protect sensitive defense information if vulnerabilities are uncovered. 

“Small manufacturers are essential to the defense supply chain,” said Senator Coons. “I’m very concerned that many of these manufacturers have not been able to implement the Department of Defense’s new cybersecurity requirements. The MEP program is well-positioned to help these manufacturers. This bill provides the Department of Defense and MEPs with the tools to ensure we’re closing any vulnerabilities that could harm our national security." 

“Robust cyber security requirements are essential to protecting our national security and defense industrial base.  We need to ensure the small and medium-sized manufacturers in the defense supply chain implement stronger cybersecurity protections,” said Senator Graham. “This legislation will provide the technical resources they need as they continue to work to protect our nation and interests.”

“New York’s small manufacturers play an important role in the defense supply chain, yet they face significant cybersecurity vulnerabilities that threaten our national security and limit these companies’ opportunities for selling their high-quality goods and services to the government,” said Senator Gillibrand. “We must ensure that our small manufacturers have the necessary resources to protect our country’s defense information and minimize their risk of cyberattacks. The Enhance Cybersecurity for Small Manufacturers Act would help provide the critical assistance needed for addressing these existing gaps in our cybersecurity.”  

“Small and midsize manufacturers are critical components of the national security innovation base,” said Congressman Panetta. “These businesses face distinct cybersecurity challenges related to national security. This bipartisan, bicameral bill empowers the nationwide network of Manufacturing Extension Partnership (MEP) Centers to deliver proven, comprehensive cybersecurity solutions to U.S. manufacturers, fueling economic growth, advancing American industry, and strengthening national security.” 

“Some of our nation's most innovative companies are located in places like Northeast Wisconsin, and they have a vital role to play in helping strengthen our national defense. This important bill both increases supply chain security and makes it easier to bring local innovation into our defense industrial base.” said Congressman Gallagher. 

“The American Small Manufacturers Coalition strongly supports this bill. Cybersecurity is a critical issue for our defense supply chain and the Manufacturing Extension Partnership is in a key position to support our defense industrial base. This bill allows the MEP program to work with defense suppliers to rapidly deploy shared cybersecurity services, best practices and resources to enable them to prevent future attacks,” said Carrie Hines, President & CEO, American Small Manufacturers Coalition.

###

Press Contact

Sean Coit at 202-224-5042 or Sean_Coit@coons.senate.gov