Bill Evanina, director of the National Counterintelligence and Security Center in the Office of the Director of National Intelligence, doesn’t think we should be focused on Cyber Security.

In remarks published by the Federal News Network, Evanina said, “I think the question I’d ask every federal employee and contractor to go back and ask your organization, ‘What are you doing to advise and inform your supply chain integrity? What are we doing as an organization to protect our supply chain integrity?  Every single government employee and contractor has a role in this. This is not owned and operated by the chief information officer and the chief information security officer. We all, as government employees and contractors, own a piece of the stake of the supply chain integrity.”

The next time somebody tells you that you have a cyber problem, acquaint them with all the players across the organization who play a critical role in maintaining Supply Chain Integrity.

The federal government can do remarkable things. They are worried about supply chain integrity. Can we trust Congress to do the right thing?

The machine that is the federal government – and, by implication, the Department of Defense Supply Chain - can be difficult to understand. Yet we really need to understand it, because it is a significant driver of logistics. Logistics activities are channeled, and often specifically directed, by what Congress decides to do. If a company doesn’t pay attention, unexpected impacts can roll in from the blind side.

The implications of the blind side hits can be significant.

Consider the continuing trade tensions with China. The total value of bilateral trade between the United States and China dropped by nearly 14% in the first half of the year compared to the same period in 2018 according to the US Commerce Department. There are a variety of opinions on whether this is a positive development or a negative one. What is not in dispute is that the trade war has resulted in seismic shirts in logistics.

President Trump and China’s President Xi have disrupted a globalization trend that has been going on for decades.

There may be another disruption on the way. On June 27, at the beginning of the summer, the Senate’s passed their version of the National Defense Authorization Act for Fiscal Year 2020. Included in the Senate’s version of the Defense Budget for the next year has an obscure feature built in. Section 831 provides for the “modernization of acquisition processes to ensure integrity of industrial base.”

The focus of the bill is, “Digitization and modernization.” Specifically, “The Secretary of Defense shall streamline and digitize the existing Department of Defense approach for identifying and mitigating risks to the defense industrial base across the acquisition process, creating a continuous model that uses digital tools, technologies, and approaches designed to ensure the accessibility of data to decision-makers in the Department.” 

Embedded supply chain and logistics risk – think Huawei’s 5G technology - is influencing the thinking on Capitol Hill and Congress is worried.

The bill directs the Under Secretary of Defense for Acquisition and Sustainment to take the lead. Specifically, the Under Secretary will characterize and monitor supply chain risks, including material sources and fragility, counterfeit parts, cybersecurity of contractors, vendor vetting in contingency or operational environments, and other risk areas as determined appropriate.

That is a broad portfolio with the potential to intrude and perhaps disrupt logistics.

The MITRE Corporation, a prominent think tank, supports the bill. On a publicly available website they say, “there are critical risks across the industrial base to include adversaries stealing designs of critical systems to controlling and corrupting key elements of the supply chain. DoD must also develop contract strategies at portfolio and enterprise levels to minimize winner-take-all contracts that create a monopoly for key defense sectors and instead enable vibrant competition from many vendors from the primes down to all tiers of the supply chain. Digital solutions help DoD maintain an enterprise view.”

While MITRE and many others may endorse the idea of the Federal Government being involved “from the primes [Prime Contractors to the Department of Defense] down to all tiers of the supply chain,” there are contractors supporting the Defense Industrial base with a different point of view.

The emerging legislative perspective is that the Department of Defense has responsibility for the “characterization and monitoring the health and activities of the defense industrial base.” This view assumes that the Department is equipped to pass judgement on profitability, investment, innovation, technological and manufacturing sophistication, as well as the “culture of performance.”

Individuals civil servants award federal contracts, not an Office or a Department. The Contracting Officer has absolute final decision authority. Part of that final decision is the “Responsibility Determination,” where the Contracting Officer certifies that, in their judgement, the contractor to have the means and ability to complete the contract. Congress may broaden the scope of the Contracting Officers portfolio to include “consideration of the need for special standards of responsibility to address the risks.”

The challenge lies in the implementation language. “Special standards” are not defined.

It is a complex problem. Huawei is the latest case, but there are others. Buried deep inside many products – even those assembled in the United States – are computer chips. The largest producer is China. The list includes common items like steel, a vital defense commodity, and we import substantial quantities from Russia.

Uncommon materials, vital in certain defense applications, that are dependent on a logistics network that extends to China. According to the Government Accountability Office, “rare earths are essential to the production, sustainment, and operation of U.S. military equipment. Reliable access to the necessary material, regardless of the overall level of defense demand, is a bedrock requirement for DOD.” What the GAO delicately avoids mentioning is that China is the principal – and for some of the elements, the only – source.

Congress has a challenge. There is merit to both perspectives. The art lies in creating the right blend. Remember, laws are like sausages. It is better not to see them being made.