Alliance of 200 international companies launches initiative to improve cybersecurity of the supply chain


The best listening experience is on Chrome, Firefox, or Safari. Subscribe to Federal Drive’s daily audio interviews on Apple Podcasts or PodcastOne.

The government has several initiatives underway to improve cybersecurity in the supply chain. Today, an alliance of 200 international companies launched its own initiative, in part to help members meet federal mandates and improve their cybersecurity. For more, Federal Drive with Tom Temin turned to Global Business Alliance President and CEO Nancy McLernon.

Tom Temin: Mrs McLernon, nice to have you.

Nancy McLernon: Thank you very much for having me.

Tom Temin: And we have to stress that this is not something that grew in response to cybersecurity. The Global Business Alliance has been around for a long time.

Nancy McLernon: Right, absolutely. So the Global Business Alliance began in 1990. We are the only trade association that exclusively represents the US operations of international companies in a very wide variety of industries in the manufacturing space and the service space.

Tom Temin: And just as a reminder, we must also point out that these companies have rules and laws under which they can legitimately obtain federal contracts by setting up separate firewalls and boards organized in the United States. And that’s how companies like Ericsson, Siemens, and some of the well-known international names can, in fact, work for the federal government. Right way to put it?

Nancy McLernon: Correct, absolutely. So whatever security protocols are needed for these companies to do business here with our national security agencies, they absolutely do. And these companies are not new investors in the United States, are they? These companies – the majority of which are from allied countries, our friends and allies around the world – have been in the United States for many decades, some for over a century. So these companies are certainly part of the fabric of our business community here. Their success here in the United States as part of the American success story.

Tom Temin: Of course, and they have a lot of Americans working for them here in the United States.

Nancy McLernon: Absoutely. They have about 8 million Americans working for them. And, you know, our members represent about 200 of them. And these are the largest of the foreign companies in the United States. The average foreign company employs around 1000 people; the average GBA member employs about 12,000 here in the United States, and our members come from 22 allied nations.

Tom Temin: Okay, let’s talk about cybersecurity, because there’s a lot going on in the federal government. I guess the CMMC program – the cybersecurity maturity model certification program – got a lot of entrepreneurs thinking about how to comply. Is this the main driver of this latest cybernetic initiative that you launched?

Nancy McLernon: So, you know, over the last few years, started under the Trump administration, and certainly continuing under the Biden ministry, we’ve seen more and more regulations online. The federal government’s national security apparatus grows, as threats increase. And so our companies wanted, of course, to make sure that their supply chains, their cyber, had the highest level of integrity. So, you know, obviously they want to be leaders in space. They know that as international companies operating in multiple jurisdictions, making things from components from all over the world, they can be a target. They therefore want to work in collaboration with the federal government to ensure the security of our critical infrastructure. So the Global Business Alliance, which is a trade association – we’re an advocacy group – started a subsidiary called GBA Sentinel. And it is through this subsidiary that we have partnered with a company called Fortress Information Security, to provide cutting-edge tools to ensure that integrity.

Tom Temin: We speak with Nancy McLernon. She is President and CEO of the Global Business Alliance. Part of this is to help companies comply with the CMMC, but also to be more specific about cyber for all other initiatives. For example, we have this big, long, 5,000 word cybersecurity executive order, and it affects businesses large and small.

Nancy McLernon: Yes indeed. Absoutely. And this is something that you know, as I mentioned, that our companies don’t just want to comply, they want to be leaders in the space. And so we are thrilled to have the opportunity to have GBA Sentinel partner with Fortress Information Security, because this company – and we have looked at a variety of companies, but we were extremely impressed with Fortress – they are the choice of many federal government agencies. . Their supply chain risk management technology is above any other we’ve spoken with. But in addition to complying with the rules that exist, wanting to show that our companies absolutely want to be as useful as possible to protect our critical infrastructures. our members are concerned that in fact, as foreign companies in the United States, they may be discriminated against in terms of federal contracts. And unfortunately, a few weeks ago, we saw that the National Reconnaissance Office made the political decision to exclude the US operations of foreign companies under tenders for certain commercial remote sensing work. And with the idea that, I guess, either these companies don’t employ as many Americans or their security isn’t as strong, that just isn’t the case. And while a policy like this seems to promote some sort of American workers, it actually pits American workers against other American workers, because we are talking about the American operations of foreign companies.

Tom Temin: And let me just ask you this: Are most of the companies that are part of the Alliance headquartered in Europe? Do you have any companies headquartered in China, for example?

Nancy McLernon: No. Europe is therefore the biggest investor in the United States, so European companies certainly represent the largest part of our members. I suggest that your listeners go to, to find out more about our subsidiary and then about our organization. It’s just

Tom Temin: OK. The point is, these are companies that have been here for a long time, not subsidiaries of Russian or Chinese companies or any other type of country where we have a certain rivalry, both military, economic and security.

Nancy McLernon: Of course, absolutely. And the ultimate ownership of a business shouldn’t be so much of an indicator that every business doing any kind of national security work has to endure the same rigors as any other. And my members have certainly met these riggers for decades.

Tom Temin: And this compliance tool is therefore available to all your members. Is the product Sentinel developed with Fortress available to anyone who wants to try it, even if they are not a member of the Alliance?

Nancy McLernon: Certainly yes. Again, they can go to, find out more, contact me. And you know, we could organize something. You know the number of vendors in a large corporation is huge, right? So even though some of the regulations that have been passed, decrees and so on, can certainly have a big impact on small and medium-sized businesses, because of the cost of some of these things, a big business, like businesses among my members, there are so many different vendors, and they need a tool to be able to navigate them effectively. It is becoming increasingly difficult to rely solely on your suppliers to provide us with information. You know, the term “trust but verify” definitely applies here. I think President Reagan made this famous Russian proverb, but this is the situation we find ourselves in. You know, companies definitely want to trust their suppliers. But we are now in a period of time that we have to check.

Tom Temin: And I imagine the semiconductor shortage – the IC shortage – gets everyone on edge, because if suddenly a new offering popped up, you would definitely want to verify that it is in fact manufactured to the standards that we have. need and the safety of the electronics that goes. And I imagine a lot of your members are manufacturers who rely on microelectronics for the core of their product.

Nancy McLernon: Yeah, absolutely. You are 100% right. We also have a number of semiconductor manufacturers among our members – Infineon, Bosch, TMC – so this is a problem for a very large number of our member companies.

Tom Temin: Nancy McLernon is CEO of the Global Business Alliance. Thank you very much for joining me.

Nancy McLernon: Thank you so much.


Comments are closed.