The 2025 National Defense Authorization Act (NDAA), signed into law by President Biden on Monday, authorizes several cyber-related initiatives, including funding for the FCC’s Rip-and-Replace program.

Over the past several years the US has been working on removing China-made equipment from telecommunications networks due to the cyber and national security threats posed by such devices. 

Small telecom firms — ones with less than 10 million customers — were provided $1 billion in funding by the previous Trump administration to replace equipment made by Chinese companies such as Huawei and ZTE. 

In 2021, the FCC announced accepting applications from small communications services providers, saying that the total funding was $1.9 billion for this program, named the Secure and Trusted Communications Networks Reimbursement Program and dubbed ‘Rip-and-Replace’.

However, a few months later the FCC said small telecoms firms actually need a total of $5 billion to replace all Chinese equipment in their networks.  

Last month, the agency reiterated that it still needed $3.08 billion to replace insecure equipment at 126 carriers, and now the remaining funding has been approved through the 2025 NDAA.

“Funding for the Reimbursement Program will be paid for by the proceeds from an FCC auction of AWS-3 spectrum,” the FCC explained. 

In addition to the Rip-and-Replace funding, the 2025 NDAA authorizes measures for protecting Department of Defense devices “from the proliferation and use of foreign commercial spyware”.

The NDAA also authorizes the creation of a dedicated cyber intelligence capability to support the Defense Department’s military cyber operations. 

The bill also authorizes cyber threat tabletop exercises for the defense industrial base. 

In addition, the bill calls for an evaluation of cybersecurity products and services for mobile devices used by the Pentagon. 

In terms of artificial intelligence, the NDAA authorizes the establishment of an AI Security Center to promote secure AI adoption and the development of guidance to prevent and mitigate counter-AI techniques. In addition, the bill seeks improvements on defining and identifying the Pentagon’s AI workforce. 

Related: Bipartisan Legislation Seeks Stronger Healthcare Cybersecurity

Related: Bipartisan Bill to Tighten Vulnerability Disclosure Rules for Federal Contractors

Related: California Governor Vetoes Bill to Create First-in-Nation AI Safety Measures