I’ve been referencing the BIOSECURE Act in these pages for months — in the biomanufacturing thesis, in the generic drug analysis, in passing asides about procurement signals and supply chain fragility. I’ve treated it as established context. Background architecture. The thing that’s already happened and that everyone in this space already knows about.
I haven’t written a dedicated piece on it. That was a mistake, and I want to correct it now — not because the law is new, but because I think the public conversation about what it does has settled on exactly the wrong feature. The debate was about names. Which Chinese biotech companies would be designated. Whether BGI would make the list. Whether WuXi AppTec’s lobbying campaign would succeed. Whether the five-company approach was too narrow or too broad.
That was the wrong debate. The version of the BIOSECURE Act that passed in the FY2026 NDAA doesn’t name five companies. It builds a machine. And the machine is more important than any list of names could ever be.
What the Law Actually Built
Let me describe the mechanism, because the legal architecture matters more than the headlines suggested.
Section 851 of the FY2026 NDAA bars federal agencies from procuring biotechnology equipment or services from any “biotechnology company of concern.” It also bars agencies from contracting with entities that use covered biotech equipment or services in performing federal work — a downstream prohibition that extends the law’s reach beyond direct government suppliers into their supply chains. Loan and grant funds are covered too. The scope is broad and deliberate.
But the designation mechanism is where the real design work happened. The law establishes two pathways for identifying a biotechnology company of concern. The first is automatic: any company on the Department of Defense’s Section 1260H list of Chinese military companies that is involved in biotech equipment or services is designated by operation of law. No additional review. No notice. No comment period. You’re on the 1260H list and you touch biotech — you’re covered.
The second pathway is criteria-based. The Office of Management and Budget (OMB) leads an interagency process to identify companies that are subject to the direction or control of a foreign adversary, involved in biotech equipment or services, and assessed to pose national security risks — affiliations with foreign adversary militaries, provision of multiomic data to a foreign adversary, collection of human multiomic data without informed consent. This pathway includes procedural protections: 90 days to respond, periodic review, a process for requesting removal.
Two tracks. One fast and automatic, one deliberate and procedural. Different temporal profiles for different risk profiles. That’s not a blacklist. That’s governance architecture.
The Cybersecurity Lesson Nobody Applied
Here is where I want to draw a connection that I think reframes what the BIOSECURE Act actually represents — and what it tells us about how we’re learning to govern frontier technology supply chains.
For three decades, cybersecurity evolved through a specific failure mode. The early approach was signature-based detection: identify known malware, build a signature, distribute it to endpoints, block the match. It worked — until it didn’t. The attack surface expanded faster than signatures could be written. New variants appeared daily, then hourly. The lag between a novel threat and its corresponding signature became the vulnerability itself. By the time the signature existed, the damage was done.
The industry’s response — the one that actually worked — was behavioral detection. Stop looking for known bad actors. Start looking for patterns of malicious behavior. Build systems that can identify threats they’ve never seen before, based on what the threat does rather than what it is. The shift was from static lists to adaptive systems. From recognition to pattern-matching. From naming the enemy to understanding the behavior that makes something an enemy.
The BIOSECURE Act’s legislative evolution mirrors this transition almost exactly.
The original bills named five companies. That’s signature-based governance. Identify the known threat actors, put them on a list, block them. It would have worked for those five companies. And it would have been obsolete within a year, as corporate restructuring, subsidiaries, joint ventures, and successor entities routed around the designations. You cannot blacklist your way to supply chain security any more than you can signature-match your way to network security. The threat surface evolves faster than the list.
The version that passed builds behavioral detection into the governance architecture. The 1260H pathway captures entities based on their assessed relationship to the Chinese military — a behavioral criterion, not a corporate identity. The OMB criteria-based pathway captures entities based on what they do: whether they’re subject to foreign adversary control, whether they handle multiomic data in specified ways, whether their affiliations pose national security risks. The criteria travel. When a new entity emerges that exhibits the designated behavior, the system can capture it without new legislation.
This is the design principle that matters: the law doesn’t just address the current threat. It builds the institutional capacity to address threats that don’t exist yet. And that distinction — between a law that solves today’s problem and a law that builds the machinery for tomorrow’s — is the distinction between a sandbag and a levee.
The Temporal Gap
But here’s where the design gets complicated, and where I think builders and policymakers need to pay close attention.
The BIOSECURE Act’s prohibitions don’t take effect upon enactment. They take effect after the Federal Acquisition Regulation is revised — 60 days after the FAR update for 1260H-designated entities, 90 days after for criteria-based designations. OMB has one year to compile the initial list. The FAR revision process has its own timeline. A five-year rule of construction protects legacy agreements, including previously negotiated options.
Add it up. The law passed in December 2025. The OMB list arrives no earlier than December 2026. FAR revisions follow. Effective dates trigger months after that. Legacy agreements survive for five years. The full force of the prohibition may not bind across the federal procurement landscape until 2028 or beyond.
I wrote last week about temporal architecture — about the gap between when a system is designed and when it actually operates. The BIOSECURE Act is a case study. The governance intent is sound. The institutional machinery is well-designed. But the implementation timeline introduces a temporal gap during which the very dependencies the law aims to eliminate continue compounding.
Wright’s Law doesn’t pause for rulemaking. Every month that foreign producers continue descending the biomanufacturing learning curve while domestic alternatives are not yet incentivized by the procurement shift is a month the cost gap widens. The 1260H pathway is faster — no procedural protections, no comment period, automatic designation. But it only captures entities already identified as Chinese military companies. The broader criteria-based pathway, which covers the more complex supply chain risks, is the slower one.
This is the governance latency problem applied to procurement policy. The detection happened — Congress identified the vulnerability. The interpretation happened — the law’s criteria are well-specified. But execution latency — the time between legislation and operational effect — is measured in years. And in those years, the problem the law was designed to solve continues operating on its own timescale.
The Levee’s Boundary
There’s a second structural tension that I think deserves more attention than it’s getting.
The BIOSECURE Act covers federal procurement. Executive agencies. Government contracts, grants, and loans. This is the lever the government controls directly, and it’s the right place to start.
But recall the numbers from the BENS report I wrote about in the generic drug piece. Ninety-one percent of American prescriptions are generics. The federal government is a significant pharmaceutical purchaser, but it is not the whole market. The cascading dependency — China to India to American pharmacy counters — operates primarily through commercial supply chains that the BIOSECURE Act does not reach.
The law addresses the 27% of military drug purchases that the Department of Defense study found depend on PRC suppliers. That’s critical. But it doesn’t restructure the commercial supply chain that delivers the other prescriptions — the ones that civilian hospitals, retail pharmacies, and patients depend on. The 679 APIs for which China is the sole KSM supplier don’t become less concentrated because federal agencies stop buying from designated entities.
This isn’t a criticism of the law. It’s a diagnosis of its boundary conditions. The BIOSECURE Act is the first structural levee in a flood zone that extends well beyond the federal procurement riverbank. And understanding what it covers — and what it doesn’t — is essential for anyone trying to build the next section.
The Medicaid Drug Rebate Program safe harbor is a telling detail. The law had to include a specific provision ensuring that drug manufacturers wouldn’t be penalized in the Medicaid system when the national security prohibitions prevent them from executing a VA master agreement. The fact that this carve-out was necessary reveals how deeply entangled the pharmaceutical procurement system is — pull one thread and you risk unraveling programs that millions of patients depend on. The legislators knew this. They built the safe harbor because they understood that the system’s complexity is itself a constraint on the pace of decoupling.
What the BIOSECURE Act Means for the Spiral
In the biomanufacturing reindustrialization thesis, I described five tactical domains where the spiral needs to enter simultaneously: facility strategy, procurement signals, capital structure de-risking, science infrastructure, and downstream bottleneck identification. The BIOSECURE Act is a procurement signal — the clearest one the federal government has sent to the biotech supply chain.
But a procurement signal without domestic capacity to receive it is a demand curve with no supply response. If federal agencies cannot buy from designated foreign providers, they need qualified domestic or allied alternatives. If those alternatives don’t exist yet — if the facilities haven’t been built, the workforce hasn’t been trained, the learning curves haven’t been descended — then the procurement signal creates disruption without creating restructuring.
This is why the BIOSECURE Act cannot be understood in isolation. It is one instrument in a system that requires simultaneous activation. The law creates the pull. But the push — the capital, the facilities, the continuous manufacturing capacity, the workforce, the allied sourcing partnerships — has to come from the other four domains. The BIOSECURE Act is necessary and insufficient. Exactly as designed. Exactly as it should be — because a single law that tried to do all five things would be a law that did none of them well.
The implementation window is the strategic variable. The years between now and full enforcement are not dead time. They are the window in which domestic and allied biotech manufacturing capacity must be built to receive the demand that the BIOSECURE Act will redirect. If that capacity exists when the prohibitions bite, the law works as intended — a structural intervention that reshapes procurement flows toward secure, resilient sources. If that capacity doesn’t exist, the law creates compliance burdens, waiver requests, and workarounds that preserve the dependencies it was designed to eliminate.
The race is not between the law and the companies it designates. The race is between the law’s implementation timeline and the domestic manufacturing base’s construction timeline. That’s the tempo that matters.
I keep returning to the cybersecurity analogy because I think it carries one more lesson.
The shift from signature-based to behavioral detection didn’t happen all at once. It happened in layers. First generation: known signatures. Second generation: heuristic analysis. Third generation: machine learning on behavioral patterns. Each generation was necessary and insufficient. Each generation built the institutional muscle for the next.
The BIOSECURE Act is a first-generation adaptive governance instrument for biotech supply chain security. It builds the machinery — the designation pathways, the interagency coordination, the procedural protections, the FAR integration. It doesn’t solve the problem. It builds the institutional capacity to address the problem over time. And it will need to evolve. The criteria will need refinement. The OMB process will need to get faster. The scope may need to extend beyond federal procurement. The allied coordination dimension — the friend-shoring architecture — will need its own instruments.
But the machinery exists now. The designation pathways are built. The interagency process is specified. The temporal architecture — fast track for known military-linked entities, deliberate process for complex cases — reflects genuine governance design thinking.
The debate about five companies is over. The debate about whether the machinery works — whether the implementation timeline aligns with the construction timeline, whether the procurement signal generates a supply response, whether the levee extends far enough to matter — is just beginning.
At the frontier of technology, the experiment is not whether we can identify the threat. It is whether we can build the institutions that adapt as fast as the threats they govern — and whether we can build the industrial base to absorb the demand those institutions create, before the window closes.
— Titus













