Tap any paragraph to write a margin note. Your notes collect in the Desk below the text and file under cases with @. The side-by-side margin rail opens on a larger screen.

§
Marginalia
Code · BILL · 116th Congress · S. 2316 (Introduced in Senate) — To require a plan for strengthening the supply chain intelligence function, to establish a National Supply Chain Inte... · Sec. 2

Sec. 2. Findings and sense of Congress

920 words·~4 min read·/bill/116/s/2316/is/section-2

A research copy — for the controlling text, always check the official state or federal source. Not legal advice.

Congress makes the following findings: Fifth generation telecommunications technology (commonly referred to as 5G ), as well as other emerging technologies, will revolutionize the technology industry, becoming a vital part of day-to-day business and life, and requires secure supply chains for the national security of the United States. An insecure supply chain for products supplied to the United States Government can lead to a degradation of critical infrastructure and technology items that are essential to the defense of the United States.
The United States Government confronts adversaries who seek to offset the military strength of the United States through asymmetric, nonkinetic actions that compromise and neutralize the decision-making systems, processes, and warfighting capabilities of the United States. These adversaries take advantage of the open and democratic system of the United States that prioritizes governmental transparency to connect citizens with the actions of the Government. The National Defense Strategy identified Russia and China as primary strategic competitors of the United States.
Russia and China seek to steal sensitive defense information from the United States through the use of blended espionage operations in the supply chain, supply chain activities, and cyberspace, and through insider threat human actors. The actions of Russia and China go well beyond theft of critical military technology, threatening the integrity and readiness of information and weapons systems and potentially enabling key elements of the strategies of an adversary to defeat the Armed Forces of the United States across the spectrum of conflict.
According to some estimates, cybersecurity spending in the United States from 2017 to 2021 will exceed $1,000,000,000,000 among the public and private sectors. Even with these large investments in cybersecurity, the United States remains vulnerable to advanced cyber actors like Russia and China. Since 2013, more than 6,000,000 individual data records have been compromised every day through data breaches, with nearly half of these losses occurring in the Government sector. Large expenditures of resources and a protective strategy that relies on firewalls and boundaries that can be breached by a persistent actor are clearly insufficient and completely ignore the supply chain vector.
Military weapons systems are not immune to cyber vulnerabilities. An October 2018 Government Accountability Office report found that nearly all weapons systems of the United States have cyber vulnerabilities the scale of which the Department of Defense is just beginning to grapple with . Furthermore, the report stated that despite multiple warnings since the early 1990s, cybersecurity has not been a focus of weapon systems acquisitions . There have been numerous press stories about data breaches and theft of United States sensitive technology that prove that cyber vulnerabilities are real and not theoretical.
The Department of Defense will spend more than $1,600,000,000,000 to develop and field its current portfolio of weapons systems. Conducting acquisitions without making security resiliency a key discriminator in capability development and contract award decisions could potentially lead to additional losses of technological advantages of the Armed Forces and negate efforts to improve the capabilities of the Armed Forces to meet the National Defense Strategy. Software, hardware, and services supply chains have proven to be major means through which adversaries seek to gain access to weapons systems and information and communications technology platforms and systems of the United States.
Vulnerabilities in these critical areas introduce unacceptable risks to human life and the ability of the Armed Forces to execute the missions the public of the United States expects of them. The establishment of the Protecting Critical Technology Task Force of the Department of Defense and the Information and Communication Technology Supply Chain Risk Management Task Force of the Department of Homeland Security is a welcome first step, but the United States Government requires a fundamental security culture change.
The innovative technologies that will help the Armed Forces, economy, and industry of the United States maintain competitive advantages over the competitors of the United States are developed in private industry and in academia. Engagement to find solutions with industry stakeholders and allied countries to mitigate the clear, present, and rapidly evolving threats to the national security of the United States is necessary. A national center to unify efforts across the whole of government to strategically warn of and support the mitigation of threats to supply chains and supply chain activities is vital to the cybersecurity, critical infrastructure, and national security of the United States.
It is the sense of Congress that— the United States Government should endeavor to deliver warfighting capabilities to operational forces without having critical information or technology wittingly or unwittingly lost, stolen, or modified; the Department of Defense and the whole of the United States Government should adapt to the challenges presented by adversaries while maintaining as much transparency with the people of the United States as possible; stronger effort should be placed on securing the vast supply chains of the contractors responsible for developing and producing the defense related capabilities of the United States; the efforts of the Department of Defense, the Department of Homeland Security, and the Federal Acquisition Security Council to protect critical technologies should be action oriented with clear outcome expectations and chains of accountability; technology protection should begin long before a contract is signed between a contractor and the United States Government; the United States Government should improve its ability to collaborate to protect both the open research environment and emerging military technologies; and the United States Government should focus on supply chain security to ensure that military systems and systems required for sensitive activities are not acquired or operated in a compromised state.
★   the supreme law of the land   ★
Don't Tread on Me
E Pluribus Unum — out of many, one

"If you don't know your rights, you don't have any."

Marginalia · a citizen's law index
A research desk, not legal advice. Always read the cited source before relying on a summary.
Questions or an issue? support@self-law.org
disclaimerMarginalia is a research index, not a law firm. Nothing on this site is legal, tax, or financial advice and no attorney–client relationship is formed by using it. Statutes, regulations, and case law change; summaries, search results, AI output, and member posts may be incomplete, out of date, or wrong. Any interpretation drawn from material on this site should be validated by a licensed attorney in your jurisdiction before you act on it.