Homeland Security Advisory Council recommends significant enhancements to DHS’ role in monitoring supply chain risk

The recent SolarWinds supply chain infiltration into federal networks is an unprecedented attack that highlights the importance of maintaining close scrutiny of suppliers. In this article, Baker Tilly summarizes key findings from two recent Homeland Security Advisory Council (HSAC)[1] reports providing recommendations on how the Department of Homeland Security (DHS) can evolve its supply chain governance practices. Released on Nov. 16, 2020, nearly a month before the SolarWinds event, we’ve summarized some of the reports’ key takeaways, as the findings are particularly relevant in a post-SolarWinds world.

Introduction

HSAC recently released two reports noting increased concern related to American economic and technological security. The reports from the Economic Security Subcommittee and the Information Communications and Technology (ICT) Risk Reduction Subcommittee represent the culmination of private and public sector analysis into vulnerabilities in supply chain governance, current industrial policy, DHS’ procurement process and aims to guide departmental policy. Notably, the reports propose enhancements to capabilities at the Cybersecurity Infrastructure and Security Agency (CISA) and make a strong case for DHS to take a more active role in supply chain assessments – with impacts that go well beyond the federal market.

Economic Security Subcommittee report

The COVID-19 pandemic’s shift into a worldwide crisis upended global supply chains, causing shortages in numerous critical industries in the U.S. – ranging from medical devices, personal protective equipment (PPE) and pharmaceuticals, to electronics and even the nation’s food supply. The sobering reality of these events, in particular, was our nation’s problematic foreign dependence on hostile countries for critical virus-related goods – hampering the ability of the federal government to effectively respond in the early days of the pandemic.  As bluntly stated within the report, the “global supply chain has made U.S. industries globally competitive, but it has also become America’s greatest vulnerability.”

Given the need to reduce the nation’s reliance on increasingly adversarial foreign sources, the HSAC was confronted with how DHS might help “contribute to the goal of greater economic security.” In order to answer this question, HSAC provided 14 recommendations, six of which have the potential to impact federal contractors. These six have been highlighted below:[2]