Listen to the Deep Dive
Protecting Our Supply Chain: Understanding Section 847 of the NDAA
Learn about Section 847 of the National Defense Authorization Act (NDAA), which aims to mitigate Foreign Ownership, Control, or Influence (FOCI) in US defense supply chains.
Introduction
Have you ever wondered how the products and services we use daily are sourced and produced? Many of these items, from the electronics in our homes to the infrastructure that supports our communities, are part of complex supply chains that span the globe. While globalization has brought many benefits, it has also raised concerns about the security of these supply chains, particularly when it comes to critical industries like defense.
In recent years, there has been growing concern about Foreign Ownership, Control, or Influence (FOCI) in US defense supply chains. FOCI refers to situations where foreign entities, often governments or state-sponsored actors, may have significant influence over companies that provide goods and services to the US Department of Defense (DOD). This influence could potentially compromise the security and integrity of our defense systems.
To address these concerns, Congress passed Section 847 of the National Defense Authorization Act (NDAA) for Fiscal Year 2023. This new law aims to mitigate FOCI risks by requiring DOD contractors to implement certain security measures.
What is Section 847?
Section 847 is a provision of the NDAA that requires DOD contractors with contracts exceeding $5 million to implement measures to mitigate FOCI risks. These measures may include:
- Cybersecurity safeguards: Protecting sensitive information and systems from cyberattacks.
- Supply chain risk management: Identifying and mitigating risks associated with foreign suppliers.
- Employee screening and vetting: Ensuring employees with access to sensitive information are trustworthy.
- Data protection and privacy: Safeguarding sensitive data and personal information.
Why is Section 847 Important?
Section 847 is important because it helps to protect the security of our nation’s defense supply chain. By requiring contractors to implement FOCI mitigation measures, the DOD can reduce the risk of foreign interference and ensure that our defense systems are reliable and secure.
What are the Key Differences Between Section 847 and Existing FOCI Mitigation Programs?
While Section 847 shares similarities with existing FOCI mitigation programs, it differs in a few key ways:
- Scope: Section 847 applies to a broader range of DOD contractors than previous programs.
- Mandate: Section 847 is mandatory for covered contractors, unlike some voluntary programs.
- Flexibility: Section 847 allows contractors to choose the specific mitigation measures that best suit their needs.
What is the Timeline for Implementation?
The DOD is currently working on implementing Section 847. The agency is expected to issue rules and guidance in the coming months. Once these rules are finalized, contractors will have a specific timeframe to comply with the new requirements.
How Can Industry Participate in the Rule-Making Process?
Industry stakeholders are encouraged to participate in the rule-making process by submitting comments and feedback to the DOD. This is an opportunity to provide input on the implementation of Section 847 and to ensure that the rules are practical and effective.
What is the Broader Impact of Section 847?
Section 847 is likely to have a significant impact on the defense industry. Contractors will need to invest in new cybersecurity and supply chain management tools and processes. Additionally, the law may lead to increased scrutiny of foreign investments in US defense companies.
Conclusion
Section 847 is a critical step in protecting the security of our nation’s defense supply chain. By understanding the requirements of this new law, contractors can take proactive steps to mitigate FOCI risks and ensure the continued reliability and security of our defense systems.
