SAN FRANCISCO — Forget the Democratic Party’s presidential debates. The meandering pursuit of supply chain risk management, mixed with a heavy dose of nationalistic fervor, put-downs, and skepticism about the forces driving efforts to handicap Huawei’s role in technology, was electrified today on stage at the RSA Conference.

A discussion with panelists from the U.S. Department of Defense (DoD), Huawei, a conservative think tank, and a security researcher got heated quickly. Pleasantries were few and far between. There were snappy comebacks, dramatic hand movements, uncomfortable and awkward shifts in seating positions, and bouts of bluster.

Throughout it all, a prevailing and undeniable truth remained above the fray. We should all be worried about every possible thing when it comes to the parts and components that combine to create the products and software that fuel technology.

“Supply chain security is an insurmountably hard problem. We can put backdoors in systems that cannot be found. We know that, especially if you control the hardware,” said Bruce Schneier, security technologist, researcher and lecturer at Harvard Kennedy School.

Countries of origin, equipment, programs, assembly, shipping, and software updates are all genuine causes for alarm, he said. “Our industry is deeply and irrevocably international in ways that make this impossible to solve. Now, that’s not fun, but that’s the world we’re in.”

Department of Defense Holds the Line

Katie Arrington, cyber information security officer of acquisitions at the DoD, agreed with that assessment, adding that 100% security is unattainable because risks and technologies are constantly changing. “You buy down the risk and you buy up the uncertainty. You can’t secure everything,” she said.

Reducing that risk falls very much in line with various efforts undertaken by the U.S. government to blacklist Huawei and attempt to remove the Chinese vendor’s equipment from domestic and foreign networks.

“We have our own data. The recommendation was made to take Huawei out for a very specific reason,” she said. “There are reasons we are doing the things that we are doing.”

In her role overseeing supply chain risk management for the DoD, Arrington is primarily concerned about the weapons systems and critical infrastructure that the department controls. “We’re the people that actually have to do it, and I couldn’t in good conscience do it unless we took Huawei out. It’s too much of a risk,” she said.

“China has been blatantly ignoring [intellectual property] law, they have blatantly been taking whatever they want. And you can’t have it both ways. You can’t have your [intellectual property] and your data rights be yours and then give it to a country who takes it, mimics, copies, undersells, underbids you continually.”

National Security Blends With Trade Policy

Schneier bashed those comments as irrelevant to the discussion of supply chain risk. Indeed, Huawei is caught up in a blend of national security interests and trade policy, and that has sown confusion and misinformation about some of the genuine security issues at play.

“Tying national security to trade policy makes for impossible security tradeoffs. Either this is a national security issue, in which case there are things we do and don’t do. Or this is a trade issue, in which case we negotiate on a variety of things. It cannot be both. It just doesn’t work,” Schneier said.

The U.S. government and others have rightly raised concerns about Huawei, but the “strategy of essentially kicking Huawei out of the global system” is the wrong approach and has been met with limited success, said Kathryn Waldron, fellow at R Street Institute.

“We need to have a much more holistic structured approach that not only looks at the risk of the moment, but then also what sort of policies can we put in place that will have positive economic growth and will provide market competitors,” she said.

Huawei Calls for Level Approach to Supply Chain

Huawei is being singled out because it is headquartered in China, according to Andy Purdy, CSO at Huawei USA. While he applauded the U.S. government’s increased focus on information and communications technology, he criticized its approach as narrow and lopsided, adding that the same concerns should be raised with all vendors regardless of where they conduct business or house their operations.

“Block Huawei if you must, but we need to do a whole lot more to make America safer and make America more competitive in the world,” he said. “Make requests to the companies of what can be done to add the kind of level of trust that’s not there now, but to simply stand silent and not make demands and requests on the equipment providers doesn’t help the situation.”

Arrington conceded that more needs to be done, but didn’t go so far as to question the security of equipment from Ericsson, Nokia, Samsung, and others. “We all have to do better, 1000%, everybody,” she said.

As the panel came to a close, Schneier concluded with a relatively negative, albeit realistic, outlook. “We as a country are not willing to pay the price for the security we think we need,” he said. “We can do things here. They are going to be expensive. I do not believe that we have the appetite, whether it’s the military, the government, industry, anybody, to spend the money on secure devices, on devices that have the kind of supply chain security that would make a difference.”