WE'RE STANDING GUARD AGAINST CYBER SUPPLY CHAIN ATTACKS
Helping Members of the Global Business Alliance Quickly Identify
and Address Their Supply Chain and Cyber Vulnerabilities
of software components used in today’s applications come from third parties.
ABOUT GBA SENTINEL
GBA Sentinel is designed to help CISOs, VPs of Supply Chain, Heads of Federal Sales and other top executives address their cyber and supply chain vulnerabilities by connecting them with industry leading experts.
GBA Sentinel gives GBA members premier access to the cutting edge tools they need to audit and monitor their supply chains and cybersecurity. We are proud to provide GBA members substantially discounted use of Fortress Information Security’s industry-leading supply chain risk management compliance tools.
Given the scale of threat vectors facing America’s federal contractors, combined with the velocity of recent regulatory activity, Fortress Information Security helps Global Business Alliance members efficiently identify potential supply chain and cyber vulnerabilities.
As we have seen in past iterations, international companies could face additional barriers and scrutiny because of their global heritage.
ABOUT FORTRESS INFORMATION SECURITY
Fortress Information Security is at the leading edge in ensuring the technology you use won't be used against you.
Over 80% of software components used in today’s applications come from third parties.
Fortress uses its proprietary AI technology to allow companies to quickly assess their digital and physical supply chain for potential vulnerabilities.
Traditional security programs consistently operate according to priorities and paradigms from past eras, resulting in antiquated and inadequate security systems.
The Fortress Platform addresses supply chain risks through its comprehensive Integrated Supply Chain Risk Management Solution that integrates and orchestrates multidimensional risk analysis and remediation of supply chain, manufacturing, IT, InfoSec, corporate governance, and contract risks.
THE REGULATORY ENVIRONMENT
Supply chain risk-management is critical for industry and government alike. Policymakers have long been concerned with supply chain threats posed by secondary and tertiary suppliers. This has spurred a new wave of expansive regulatory action in the United States that is likely to continue for the foreseeable future.
Here are two regulations that federal government contractors cannot ignore:
NDAA Sec. 889 requires government contractors to certify the products they sell the government are not supplied by certain Chinese companies:
Part A prohibits the government from obtaining (through a contract or other instrument) certain telecommunications equipment (including video surveillance equipment) or services produced by covered entities and their subsidiaries and affiliates
Part B prohibits the government from contracting with any entity that uses certain telecommunications equipment or services produced by the entities listed in the statute.
The CMMC is intended to serve as a verification mechanism to ensure appropriate levels of cybersecurity practices and processes are in place to ensure basic cyber hygiene as well as protect controlled unclassified information (CUI) that resides on the Department of Defense's industry partners' networks.
GET IN TOUCH
Have a particular challenge you’re trying to address? Let's see if we can help!