MAR 06, 2019 | US
BSA Submits Supply Chain Security Recommendations to Congress
Politico Morning Cybersecurity, March 7, 2019
By Tim Starks
The Pentagon’s supply chain security program should accommodate businesses concerned about “opaque” decisions to ban their products from military networks, the software trade group BSA said Wednesday in a letter to the leaders of the House and Senate Amed Services committees. The most recent defense policy bill gave the Pentagon the authority to put companies on blacklists if their products are deemed insecure or risky, and BSA said that while it understood the need for these “potent tools,” there was “a risk that such opaque processes” would encourage foreign governments to make “non-risk management-based protectionist” decisions.
BSA recommended that this blacklist program be amended to require “processes to, absent exceptional circumstances, notify vendors excluded from a competition of their exclusion and the reasons for it and to ensure a viable means of protesting or appealing the exclusion decision.” The letter also made recommendations about supply chain research, vendor contract language, and relying on industry standards. And it encouraged Congress to direct the Pentagon to buy commercial off-the-shelf software wherever appropriate.
BSA | The Software Alliance (www.bsa.org) is the leading advocate for the global software industry before governments and in the international marketplace. Its members are among the world’s most innovative companies, creating software solutions that help businesses of all sizes in every part of the economy to modernize and grow.
With headquarters in Washington, DC, and operations in more than 30 countries, BSA pioneers compliance programs that promote legal software use and advocates for public policies that foster technology innovation and drive growth in the digital economy.