Critical infrastructure
News

New defense supply chain task force zeroes in on prevailing threats and vulnerabilities

August 02, 2021
Supply Chain Task Force

A bipartisan Defense Critical Supply Chain Task Force released their final report, findings and recommendations, following a months-long review of supply chain threats and vulnerabilities. Established by the House Armed Services Committee, the Task Force focused its efforts on improving the defense supply chain specifically, so that the Committee can take legislative action to address risks and build resiliency.

The Task Force worked with the Department of Defense (DOD) in identifying actionable legislative proposals for incorporation in the Fiscal Year 2022 National Defense Authorization Act (NDAA), and put the Department on a path toward improved Supply Chain Risk Management (SCRM) and resilience against further shocks to the supply chain. 

“For more than 50 years, the U.S. has pursued efficiency in its supply chains, and the last year has crystallized the need to build supply chain resilience into our thinking, as well,” Jesse Salazar, the deputy assistant secretary of defense for industrial policy, said in a media statement. “The White House, Congress, the DOD, our interagency partners and industry stand united behind strengthening our defense industrial base and working in common cause with our closest allies and partners,” he added.

The Defense Critical Supply Chain Task Force was established to make the security of the supply chain a legislative priority, and provide specific, legislative proposals to mitigate risk immediately, instead of waiting to respond to the next crisis. 

The intention of the Task Force, consisting of four Democrat and four Republican members was to review the industrial base supply chain to identify and analyze threats and vulnerabilities, and produce concrete, actionable legislative solutions for the Fiscal Year 2022 NDAA. It also aimed to help defense supply chains to understand where the DOD is most vulnerable when it comes to procuring military-essential items.

The Task Force’s work highlighted critical supply chain risks, revealed the need to build supply chain resilience, and thereby decrease the reliance of the U.S. on overseas resources, especially from China. 

“It is clear to us that failure to address our current cumbersome supply chain procedures will weaken American leaders’ ability to respond to strategic challenges,” according to the supply chain task force report. “A foreign adversary that can leverage supply chain vulnerabilities and divert decision makers’ attention from provocative acts, can also fundamentally impact the choices the United States makes in response to military escalation. In short, overreliance on China in critical supply chains, particularly in the defense sector, creates significant strategic and competitive risk for the United States,” it added.

The mandate of the Task Force was to detect the processes by which DOD analyzes supply chain vulnerabilities and develops mitigation strategies, identify the DOD’s processes to prioritize and mitigate identified vulnerabilities, and ascertain the steps Congress and others can take to help build resilience against future shocks to the supply chain, both in the near term with respect to selected cases, and over the longer term, leveraging the lessons learned from the initial actions. 

The defense critical supply chain was an ambitious topic for a three-month task force study. The Task Force formally met 12 times since Mar. 3 and held nine roundtables with former and current DOD officials, experts across key industry associations, think tanks, academia, and non-traditional industry to solicit their views.

During the Task Force roundtables, the members heard from the witnesses that neither the DOD nor the majority of the Defense Industrial Base (DIB) have sufficient visibility into the supply chain to understand its vulnerabilities. The DOD cannot build resilience and mitigate risk in the supply chain without a firm understanding of where its materials and supplies are sourced and manufactured. Thirdly, the DOD must have visibility into the defense supply chain to understand its current vulnerabilities and understand its surge capacity in the next crisis. 

The panelists also encouraged deeper, more meaningful expansion of the National Technology and Industrial Base (NTIB), comprising the U.S., Canada, the U.K., and Australia. Two officials, both of whom had significant experience directly related to the implementation of the expanded NTIB, recommended identifying and funding, even at relatively low levels, pathfinder activities with the potential to scale across the markets of these trusted allies.

The Task Force recommends updating statutory authority to emphasize the value of a broad collaboration with the NTIB allies beyond acquisition, strengthen the alliance, and direct the NTIB Council to identify particular policies and regulations that could be expanded to the allies. It also advised authorizing an NTIB International Council to harmonize industrial base and supply chain security policies. 

Anna Ribeiro
Industrial Cyber News Editor. Anna Ribeiro is a freelance journalist with over 14 years of experience in the areas of security, data storage, virtualization and IoT.

A complimentary guide to the who`s who in industrial cybersecurity tech & solutions

Free Download

Related

Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Cisco Talos details ArcaneDoor campaign found targeting perimeter network devices across critical infrastructure
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
Forescout report warns of growing security risks to critical infrastructure as OT/ICS exposed data escalates
ASIS Foundation reports on impact of autonomous vehicles on security and technology
ASIS Foundation reports on impact of autonomous vehicles on security and technology
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
European Commission makes €112 million investment in AI, quantum research under Horizon Europe program
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
MITRE unveils ATT&CK v15 with upgraded detections, analytic format, cross-domain adversary insights
RMC
Risk Mitigation Consulting acquires Securicon, boosting cybersecurity and mission assurance offerings
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
Hackers target Tipton Municipal Utilities wastewater treatment plant, prompting federal investigation
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
New CGCYBER report warns of cybersecurity risks in marine environment due to network-connected OT systems
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
Ukrainian CERT details malicious plan by Sandworm group to disrupt critical infrastructure facilities
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base
DC3, DCSA collaborate to launch vulnerability disclosure program for defense industrial base