Exiger Achieves FedRAMP® Authorization for Supply Chain AI

Supply Chain Visibility: A Top Priority for the Defense Industrial Base

July 31, 2024

Article

Introduction

Supporting U.S. national security is a key mission for organizations that make up the Defense Industrial Base (DIB). One of the ways to deliver on that mission is through managing supply chain risks with full visibility into all tiers of suppliers, boosting resilience and continuity in critical operations.

This article will cover the DIB’s definition, its unique supply chain risks and impact on national security, and why supply chain visibility is foundational for enhancing military readiness.

What Is the Defense Industrial Base?

The Defense Industrial Base (DIB) refers to government, domestic, and foreign private sector companies operating globally that provide necessary products and services for sustaining and deploying military operations. These products and services can include defense research and development, manufacturing, weapons systems, and sensors. Over 100,000 companies work under contract with the U.S. Department of Defense to provide materials and services to the government for production and sustainment of military equipment, including weapons and technology.

The Department of Defense (DoD) and its component — the Under Secretary of Defense for Acquisition and Sustainment — is the U.S central body designed to defend and protect U.S. national security through the military’s supply chain.

In a recent speech on “Why America Needs the Defense Industrial Base,” Deputy Secretary of Defense Kathleen Hicks said, “The war in Ukraine has revealed how nation-state aggression is a real threat, requiring information-age ingenuity and industrial-era capacity. … Together, our task is to deliver combat-credible capabilities to the warfighter at speed and scale, so they can deter aggression, and win if called to fight.”

The DIB’s Role in Supply Chain Security

Because of its unique position with access to sensitive information and facilities, the DIB has the potential to be either a significant national security vulnerability or the strong and resilient backbone of national defense. Compared to typical commercial organizations, DIB organizations have an added challenge because of high rates of targeting by foreign adversaries and bad actors seeking to harm U.S. national security interests.

DoD and DIB entities are particularly concerned about the vulnerabilities inherent in critical technology programs, including data breaches, counterfeit, parts obsolescence, dual-use technologies, and export controls.

Several executive orders and policies focused on U.S. supply chain security and integrity underscore the necessity for DIB entities to implement rigorous third-party and supply chain risk management (SCRM). Securing Defense for Critical Supply Chains was released as a response to President Biden’s Executive Order 14017, which details guidelines to strengthen the resiliency of America’s supply chains. Other regulations include EO 14028 and CMMC 2.0 on cybersecurity, Section 889, the CHIPS Act and its risk-management protocols for semiconductors, and the UFLPA. In 2023, the Biden administration established the White House Council on Supply Chain Resilience, designed to enhance resilience in critical supply chains in the face of global shocks.

Compliance with these and other regulatory matters are essential for DIB entities to work with DoD and safely bolster its mission of readiness.

Supply Chain Risks in the Defense Industrial Base

Unlike many other commercial entities, DIB companies share many supply chain risks with DoD that go beyond traditional supply chain concerns like material shortages and the financial resilience of supplier networks. In addition to these common SCRM risks, the DoD has developed and maintains a more specialized and comprehensive approach to monitoring and mitigating these risks to ensure uninterrupted support for the warfighter and strengthen the resilience of the national defense industrial base. Examples of specialized defense risks include additional focus on foreign ownership, state-owned entities, NDAA-prohibited suppliers, critical technology list elements, cybersecurity, and hardware or software compromise.

To prevent introducing weaknesses into the U.S. defense supply chain, DIB organizations should consider these common risk areas:

Focusing on cost instead of national security: System-level manufacturers may unintentionally reduce supply chain transparency by simply seeking the cheapest producers without probing the integrity of the sources. More visibility is needed into the sub-tiers of critical infrastructure, like the microelectronics supply chain, to identify supply chain threats, risks, and vulnerabilities and ensure that parts are sourced from trusted suppliers.
Cyberattacks: Increasingly, adversaries are targeting suppliers in information and communications technologies (ICT)/networking supply chains. To protect national security interests, cybersecurity standards and enforcement mechanisms highlighted in Executive Order 14028 should be maintained, including the use and analysis of software bills of materials (SBOMs).
Microelectronics counterfeiting: In the Defense Industrial Base, microelectronic assets are present in nearly every weapons system and information system. Counterfeiting of microelectronic assets and materiel is a significant vulnerability, and ensuring that microelectronic suppliers are trusted is essential (part of the guidelines in the CHIPS Act).
Over-reliance on offshoring: Foreign Ownership, Control, or Influence (FOCI) risk associated with the DIB includes a heavy reliance on manufacturers and suppliers based in foreign nations. Diversifying the supply base to include U.S.-based or allied-based companies can increase resilience and reduce risk of compromise through foreign adversaries.

To address all these risks, the DIB needs to gain transparency into their sub-tier supplier ecosystems down to the item- or raw material-level to understand source provenance, security, and risk. The effort could prevent incidents like the F-35 production stoppage caused by ITAR violations from sub-tier suppliers.

Advanced Technology Delivers DIB Supply Chain Visibility

Gaining visibility into supply chains — at both the entity and item level — is a foundational best practice for supply chain management in DIB organizations. It provides an end-to-end view of the supply chain, making it possible to identify the full dimensions of supply chain risk hidden therein.

The complexities of SCRM demand advanced technology, like the supply chain AI in the 1Exiger platform. This comprehensive solution delivers end-to-end visibility for the entire supplier ecosystem. 1Exiger is the only open-source, third-party and supply chain risk management software that helps companies and government agencies achieve cost savings, resilience, and compliance in real time.

One of the leading aerospace and defense firms used Exiger’s technology to help de-risk their supply chain, and in the process achieved up to 35% savings on the cost of parts. They also mapped supply networks below the Tier 1 suppliers, gaining insights into where additional parts and materials were sourced. This allowed them to consolidate and leverage raw material volumes globally, thus simplifying their supply chain, reducing costs, and improving their risk posture.

Exiger’s award-winning, AI-powered technology is changing the way DIB organizations manage risk — contact us to learn more.

More Resources: