Bill seeks to protect against counterfeit IT

DOD officials concerned by globalization of IT industry, increased vulnerability to counterfeit IT systems

The Senate Armed Services Committee has proposed giving the Defense Department authority to exclude companies from competing for contracts if the firms threaten IT system development, according to legislation.

The committee’s concern for the supply chain stems from a 2009 DOD report on trusted defense systems. DOD found that the globalization of the IT industry has increased the vulnerability of the department's IT systems. The report found a growing risk that systems and networks critical to DOD could be exploited through counterfeit systems or malicious code and other defects introduced by suppliers.

Under the measure, an agency in DOD would be able exclude a company from competing for a contract, task or delivery order, or even a subcontract, but officials would not be required to disclose who’s on the list, according to the Senate’s National Defense Authorization Act (S. 3454).


Related stories:

DOD builds infrastructure to support cyber forces

Report suggests cyberattacks against DOD are falling


The director of the Defense Intelligence Agency and the assistant secretary of defense for networks and information integration would make the decision “that the exclusion of a particular source is necessary to avoid an unacceptable supply chain risk,” the bill states.

Furthermore, it states that a company “shall not be subject to disclosure.”

“The committee concludes that the secretary should have the authority needed to address this risk,” according to the committee’s report that sheds light on the bill’s provisions.

The current session of the Senate is not likely to act on the bill, but the upper chamber may revisit the legislation after the new Congress begins.

“The new Congress will have to start over, but the delay will not have any significant impact,” said Robert Burton, former deputy administrator in the Office of Federal Procurement Policy and now a partner at the Venable law firm.

Despite the committee’s attempts at protection, the provision has raised concerns in the acquisition community. Experts fear DOD and the government overall could go too far with authority.

“It is stunning," Burton said. "Basically, any contractor can be excluded from a competition because of an ‘unacceptable supply chain risk.' I think the provision is overly broad and could be abused.”

Companies on such a list also could spread to other agencies, even beyond DOD, and lead other agencies to question a company’s reputation, said the American Small Business Association. This could start de facto debarments across the government without due process.

Alan Chvotkin, executive vice president and counsel at the Professional Services Council (PSC), said the government can find better options for keeping a check on supply chain risks.

“Exclusion should be the last approach,” he said.

However, DOD has a legitimate concern for malicious IT systems, he said. Standards are too broad when determining a risky system, which needs to be worked out. The PSC and other industry groups have met with the Senate committee, and Chvotkin said the committee staff members have been engaged in open, substantive discussions.

About the Author

Matthew Weigelt is a freelance journalist who writes about acquisition and procurement.

Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.