$3 billion in funding for the FCC's rip-and-replace program is provided by the 2025 NDAA.

President Biden has enacted the 2025 National Defense Authorization Act, which includes significant provisions for various cybersecurity initiatives, with a major focus on completing the FCC's Rip-and-Replace program. This program aims to eliminate Chinese-manufactured telecommunications equipment from U.S. networks due to security concerns.

The initiative, which began under the Trump administration with a $1 billion allocation for small telecom providers, was expanded to $1.9 billion in 2021. However, the FCC later identified a need for $5 billion to completely remove Chinese equipment from these networks. The new NDAA addresses this funding gap, though the FCC recently confirmed it still requires $3.08 billion to complete equipment replacement at 126 carriers. This funding will be generated through AWS-3 spectrum auction proceeds.

Beyond the Rip-and-Replace program, the 2025 NDAA introduces several other cybersecurity measures. These include protecting Department of Defense devices from foreign spyware, establishing a dedicated cyber intelligence capability for military operations, and enabling cyber threat exercises for defense industry participants.

The legislation also focuses on artificial intelligence security, authorizing the creation of an AI Security Center to ensure safe AI deployment and develop strategies against counter-AI tactics. Additional provisions include evaluating cybersecurity solutions for Pentagon mobile devices and improving the definition and identification of the Defense Department's AI workforce.