Compliance Management, Government Regulations

Non-profit Global Business Alliance launches supply chain subsidiary

Town of Internet of Things in Hangzhou, China. Forescout found new vulnerabilities in a widely used industrial TCP/IP stack as part of their latest research. (Raysonho @ Open Grid Scheduler/Grid Engine/CC0 1.0)

The Global Business Alliance, a non-profit devoted to raising foreign investment in U.S. industry, announced Tuesday a subsidiary to help international companies manage supply chain concerns. 

GBA Sentinel will assist international companies operating in the U.S. that face a growing understanding of risk from upstream partners in their supply chains and an increasingly complex regulatory space – both by giving advice and by subsidizing a supply chain management toolkit.

"Understanding the expansiveness of the regs certainly is the beginning part of the difficulty companies will have. But the real challenge is that the number of vendors and products in supply chains can be enormous," said Nancy McLernon, president and CEO of the GBA.

A lot gets made about the difficulty small businesses have in the new spate of federal and military contractor cybersecurity regulations, and for good reason: Small businesses are less likely to have the resources, experience and infrastructure to engage with rigorous cybersecurity requirements. GBA represents many sizable, truly global firms –  and yet supply chains are one area where large businesses can be at a similar security disadvantage. The more vendors that feed into a final product or a business process, the more potential weak links exist along the way. Rules like Defense Department CMMC require assurances that every vendor of every vendor, ad infinitum, follow security protocols.

The toolkit will be supplied through a partnership with Fortress Information Security, which is traditionally focused on the security of the energy market. Fortress executive chairman and co-founder Peter Kassabov said that the company's experience securing one of the United States' most heavily regulated industries in terms of cybersecurity would serve GBA members from every sector, particularly those who had never had to worry about supply chains in the past.

"There's a reason utilities, one of the most regulated industries, took a long time just to even understand what is inside of many of their critical systems and to learn to monitor this kind of complexity in the supply chain," he said. 

GBA expects the assistance will help both the companies currently facing new regulations and the ones that want to shore up their security for business and national security reasons. McLernon said she hoped Americans would appreciate that it was foreign headquartered firms making early inroads into American supply chain security.

"Our members are headquartered globally, in 22 countries. These are our allies. So this is a great example of why it's so important, working with our allies, to deal with the growing threats. And so to have foreign companies in the U.S. taking a leadership role in securing our supply chains is something I think is worth noting..." she said. 

Joe Uchill

Joe is a senior reporter at SC Weekly, focused on policy issues. He previously covered cybersecurity for Axios, The Hill and the Christian Science Monitor’s short-lived Passcode website.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.