Takeaways from the New Supply Chain EO

Published: May 22, 2019

DOCCritical Infrastructure ProtectionInformation TechnologyNetwork ServicesPolicy and LegislationTelecommunications

Contractor takeaways on the Executive Order declaring a national emergency on the supply chain of information and communications technology.

Issued last week, the Executive Order on Securing the Information and Communications Technology and Services Supply Chain calls for the restriction of “any acquisition, importation, transfer, installation, dealing in, or use of any information and communications technology or service” by a foreign adversary.  Labeling these threats as a national emergency, the executive order (EO) proceeds to explain how an unmonitored design in communications technology could lead to catastrophe in the national security and economy of the United States.

The EO goes into further detail defining the persons and transactions that may pose risk to the United States and gives the Secretary of Commerce an expanded authority to determine which technologies, persons in the market and foreign adversaries to use “discretion design or negotiate measures to mitigate concerns” outlined in the EO.

The EO is not the only place where Commerce is seen increasing its role in supply chain management. According to the agency’s FY 2020 budget, an additional $2M is requested for the National Telecommunication and Information Administration (NTIA) to ramp up efforts to oversee and manage supply chain risks specifically in U.S. telecommunications infrastructure.         

As outlined in the EO, the Secretary of Commerce, after consultation with appropriate federal partners, will produce the set of regulations to supply chain management in telecomm within 150 days of the order’s release. In the meantime, the Director of National Intelligence is to continue assessing threats in information and communications technology and DHS will identify the hardware, software and services that could be impacted by the order.

At the forefront of this executive order are concerns revolving around the structure of a 5G network in the United States. Chinese firms, such as Huawei and ZTE, have been of particular distress as they hold large shares of the 5G market but are thought to be susceptible to China’s national intelligence. The EO is attempting to get in front of the issue by stopping such firms from helping build the country’s next network technology as well as send the message to allies to act in the same manner.

Given all this, here are a few takeaways for contractors with regards to the EO:

  1. Extent of Restrictions: While the 5G infrastructure is at the core of the issue, contractors should be aware of the extent the EO considers information and communications technology or services to mean “any hardware, software, or other product or service primarily intended to fulfill or enable the function of information or data processing, storage, retrieval, or communication by electronic means, including transmission, storage, and display."
  2. Prime Contractor Responsibility: In federal government procurements, the motto “their problem is your problem” is resounding for prime contractors. Companies in those position must put the proper contract clauses in place not only for their own products and services but ones that flow down to a sub's products and services so they are not susceptible to the restrictions of the EO.
  3. Information and Communications Technology Supply Chain Risk Management Task Force: Contractors should follow this task force which was formed under DHS last year. The group is responsible for developing recommendations on identifying and managing risk in global supply chains and will likely become one of the sources Commerce uses to form regulations.
  4. Procurement Delays: The attention on supply chain particularly in communication infrastructure will likely cause delays in related procurements as government contracting personnel navigate proposals and ensure the prescriptions of the new EO are followed.
  5. Potential Market Incentives: At a hearing before the Committee on the Judiciary regarding supply chain and 5G, Christopher Krebs, Director of Cybersecurity and Infrastructure Security Agency at DHS proposed market incentives be put in place for trusted suppliers to compete domestically and internationally in building the 5G network.

Implications of the recent EO are here to stay and contractors must be ready for them. Speaking to the importance of supply chain, particularly in 5G infrastructure, James Andrew Lewis, Sr VP and Director of Technology Policy Program at the Center for Strategic and International Studies (CSIS), described to members of Congress that 5G is “more than phones, it is a new kind of network technology that will connect millions of devices and provide unparalleled mobility and capacity. This means that self-driving cars, smart cities, telemedicine and smart factories - a whole range of new activities and devices - can use 5G to provide expanded services at lower costs.”