Webinar
A new chapter for the Defense Industrial Base
Supply chain risk oversight in the Trump era
June 27, 2025 · Authored by Leo Alvarez, Theresa Campobasso
As the global landscape continues to shift, the Defense Industrial Base (DIB) finds itself at a pivotal crossroads. The convergence of geopolitical tensions, regulatory expansion and technological disruption has ushered in a new era of supply chain risk oversight — one that demands agility, transparency and strategic foresight. At Baker Tilly, we are committed to helping government contractors navigate this evolving terrain with confidence and clarity.
The regulatory tidal wave: A decade of escalating oversight
Over the past decade, the federal government has steadily intensified its focus on supply chain risk management (SCRM). From the establishment of the Federal Acquisition Security Council (FASC) under the Secure Technology Act to the sweeping mandates of executive orders (EO) and National Institute of Standards and Technology (NIST) frameworks, the message is clear: supply chain security is national security.
Recent executive actions — such as EO 14272, EO 14285 and EO 14293 — underscore the urgency of securing critical mineral and pharmaceutical supply chains. Meanwhile, export restrictions targeting advanced technologies and reciprocal tariffs aimed at trade imbalances with China reflect a broader strategic realignment of U.S. supply chains.
The implications for contractors are profound. Compliance is no longer a box-checking exercise—it is a strategic imperative.
Lessons from the frontlines: Supply chain compromises and their fallout
The SolarWinds breach, Colonial Pipeline ransomware attack and the recent discovery of “kill switches” in foreign-manufactured energy components serve as stark reminders of the vulnerabilities embedded within our supply chains. These incidents have not only disrupted operations but have also catalyzed regulatory responses that demand proactive risk mitigation.
Contractors must now contend with a growing third-party ecosystem where confidence in due diligence data is alarmingly low. According to Gartner, nearly half of organizations are only 1–50% confident in the accuracy of third-party information. This uncertainty underscores the need for robust, technology-enabled SCRM programs.
The acquisition landscape: Risk as a differentiator
The Department of Defense (DOD) and civilian agencies are embedding SCRM requirements into major acquisition vehicles. From the General Services Administration’s (GSA) Alliant 3 to the National Aeronautics and Space Administration’s (NASA) Solution for Enterprise-Wide Procurement (SEWP) VI, contractors are now expected to submit comprehensive SCRM plans and perform risk assessments as part of their procurement processes.
