HASC chairman looks to block supply chain threats in NDAA

The Defense Department could get something like a software vendor blacklist with the 2020 defense authorization bill, according to the chairman's mark of the bill.

"Huawei illustrates the national security threats that can come from the global supply chain," Rep. Adam Smith (D-Wash.), who chairs the House Armed Services Committee (HASC), told reporters during a Defense Writers Group breakfast event June 10.

"We are going to have to work with other entities, but sometimes, like if you've got Huawei, a major Chinese telecom company building your telecommunications systems," he said, "that's a national security vulnerability that we should probably find a way to avoid."

But because the U.S. can't make everything itself, there must be a process to help identify and evaluate threats posed by foreign suppliers. Smith said flushing out the next national security threat in the supply chain is a major priority, and a summary of the chairman's mark released June 10 reflects that.

The mark does not name specific companies like the 2019 National Defense Authorization Act, which called out Chinese telecom manufacturers Huawei and ZTE, but instead pushes for suspension and debarment of companies that don't meet certain cybersecurity standards.

That process, which would require companies be named, could be tantamount to a blacklist of software companies that fail to meet supply chain cybersecurity guidelines, HASC staffers told reporters during a background briefing June 7. (DOD acquisition head Ellen Lord has floated a similar idea.)

According to a summary of the chairman's mark, the defense secretary would have to assess existing policies for telecom and video surveillance services and equipment from foreign contractors and subcontractors and also determine how to mitigate threats through the debarment and suspension process.

Other tech priorities in the chairman's mark include developing policies for 5G and artificial intelligence so the Defense Department can have a clear view of future threats and capabilities.

Smith said the point is to get clarity on the process from DOD and determine the template of what types of associations foreign companies have that could be a national security risk.

"It all comes down to how will we use the technology," Smith said, citing unmanned assets as an example, "and I don't think we have an adequate answer to that."

Smith said the 2020 defense bill has provisions designed to help DOD get a "clearer picture" even though it's not readily understood how emerging technologies will be applied on the battlefield.

However, the chairman said it's better the Pentagon find those answers sooner, especially when it comes to AI and 5G as those technologies are "most open to interpretation" compared to others, such as hypersonics, because they have broad implications of how they will be used.

Smith said that while the majority of the bill is "uncontroversial," there are potential sticking points, such as the $733 billion topline budget compared to the $750 billion in the Senate's version of the bill and sorting out new members' priorities.

One of Smith's prime concerns was giving DOD more money than it could handle. The chairman told reporters that mismanagement and waste tend to follow DOD when it gets more money than it planned to have, particularly having more programs than could be funded, he said. During a June 10 keynote discussion at the Center for Strategic and International Studies, he said he was concerned there were going to be more programs than could be funded.

"By giving them more," he told reporters earlier, "I think we encourage inefficiency."

The authorization bill is set for a full committee markup June 12.