Bid to beef up oversight of New Hampshire tech supply chain stalled
Measure targets potential security risks in agencies’ software, hardware, telecom purchases
The sponsor of a bill that would have created a New Hampshire Information Technology Supply Chain Risk Authority says he will try again next year after the measure was deemed inexpedient to legislate in the House of Representatives.
Rep. Peter Sommsich, a Portsmouth Democrat, proposed creating the agency in House Bill 487. It would oversee all purchases and acquisitions of software, hardware and telecommunication services used by state agencies and prevent companies from accessing information that would present a security risk to the state’s information technology infrastructure.
The bill was placed on hold following a suggestion by the state’s chief information officer, Dennis Goulet, who suggested the measure be amended until the federal government issues cybersecurity recommendations in the wake of last breach of the SolarWinds software platform that is widely thought to have been done by hackers in Russia. The breach led to widespread compromises of U.S. government and corporate networks.
Goulet and Sommsich told Government Technology magazine that they’re aiming to reintroduced the next session to give lawmakers a chance to amend it.