House, Senate NDAAs Seek to Address Supply Chain Security Risks Posed by China

House, Senate NDAAs Seek to Address Supply Chain Security Risks Posed by China
U.S. Capitol

The Senate and House of Representatives have included provisions to address China-related supply chain security issues in their versions of the fiscal 2021 National Defense Authorization Act, Federal News Network reported Friday.

The Senate’s NDAA version would require the secretary of the Department of Defense (DoD) to “take security risks posed by at-risk vendors such as Huawei and ZTE into account when making overseas stationing decisions.”

The bill would also direct the Pentagon to submit a report on the risk posed by Huawei’s 5G telecommunications infrastructure in host countries to DoD personnel, operations and equipment.

The report should contain measures to address risks. The lower chamber’s NDAA would require DoD to brief the House Armed Services Committee on the implementation of Section 889 of FY 2019 NDAA no later than Dec. 1.

To implement Section 889, the Federal Acquisition Regulatory Council will issue a new rule that would ban U.S. government agencies from buying goods and services from contractors that use telecommunications equipment and other products from Huawei, ZTE, Hikvision, Dahua and Hytera Communications. The rule is set to take effect Aug. 13 and would require a company to either secure a government waiver or certify that it does not utilize products from those China-based companies.

The briefing should address whether the government has issued the final implementing regulation, the type and amount of waivers and exceptions that have been granted and whether the departments intend to seek a delay to the implementation of the ban, among others.

Check Also

NSA

NSA Reports on New Cyber Vulnerability in Computers

The National Security Agency (NSA) has issued a report on a new cyber vulnerability that threatens certain systems present within the Department of Defense and other organizations. The BootHole vulnerability allows cyber actors to get through the Secure Boot security standard that makes devices boot only with software trusted by original manufacturers.