On November 18, 2013, the U.S. Department of Defense (DOD) published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) that will likely prove controversial through the inclusion of supply chain security considerations in bid awards and service and task orders relating to national security systems (NSS). The interim rule, effective on publication, fulfills a statutory mandate and laudable goal but contains numerous provisions that will be difficult for contractors to manage. Comments on the interim rule are due by January 17, 2014.

Information security concerns have been front and center over the past several years, including with regard to the effectiveness of the White House’s Comprehensive National Cybersecurity Initiative; the discovery of evidence of illegitimate or malicious hardware in government laptops; and the increased globalization of the supply chain, particularly for information technology (IT) products. Even genuine IT components, which are often designed, manufactured and finally assembled in various countries, may contain parts that are not produced by legitimate actors. The ensuing risk is that government IT, which is not the subject of proper supply chain integrity, may undermine federal and DOD security.