Month: August 2020

Jennifer Bisceglie Honored as EY Entrepreneur Of The Year® 2020 Mid-Atlantic Award Finalist

Posted on by Harris Allgeier

Interos CEO and founder recognized for revolutionary approach to and leadership in supply chain risk management

ARLINGTON, Va., August 27, 2020 – Interos, the first and only multi-factor, multi-tier, third party risk management platform, announced today the selection of CEO and founder Jennifer Bisceglie as a finalist in EY’s Entrepreneur Of The Year® 2020 Mid-Atlantic awards. The recognition highlights Bisceglie’s leadership efforts in driving innovation and growth to transform the supply chain risk management industry.

With 25 years of industry experience managing risk in the global economy, Bisceglie founded Interos as a supply chain and vendor risk consultancy, providing unique analyst-driven insights. However, keeping pace with the growing complexity of global supply chains required finding a faster way to assess risk-influencing events that occur every day. In 2018, she recognized the emerging power of artificial intelligence and machine learning to address this need, transforming the company into a product-driven organization and establishing the Interos Platform, which delivers a revolutionary, technology-powered approach to real-time risk assessment. A sought-after expert on supply chain risk and business intelligence technologies, and one of a relatively small number of female CEOs in the tech and supply chain spaces, Bisceglie was chosen as a finalist by a national panel of independent judges.

“It is an honor to have been recognized as a finalist for EY’s Entrepreneur Of The Year 2020 Mid-Atlantic award,” said Jennifer Bisceglie, CEO and founder of Interos. “Since our founding in 2005, we’ve helped organizations around the world understand and better navigate risks deep within their supply chains. The growth of our team and exponential customer demand tell us that our philosophy has quickly become a business best practice in today’s globalized economy.”

COVID-19 has galvanized a new era of supply chain risk monitoring. With a 500% increase in inbound requests following the pandemic’s outbreak, Interos continues to see a surge in demand as organizations seek to better assess and mitigate risk in real-time. The company has experienced a 961% revenue growth since January 2019 and closed a $20MM Series B funding round in March 2020, alongside announcing plans to triple its year-over-year sales growth.

“Interos’ corporate culture is one of integrity, empathy and a passion for innovation,” Bisceglie added. “Every employee has a role in helping drive the company further toward success, contributing to an astonishing level of diverse experience.”

Entrepreneur Of The Year is one of the preeminent competitive award programs for entrepreneurs and leaders of high-growth companies. The nominees are evaluated based on six criteria, including overcoming adversity; financial performance; societal impact and commitment to building a values-based company; innovation; and talent management. This year, unstoppable entrepreneurs who have provided extraordinary support for their communities, employees and others during the COVID-19 crisis will also be recognized for their courage, resilience and ingenuity.

Award winners will be announced through a special virtual event in early October and will join a lifelong community of esteemed Entrepreneur Of The Year alumni from around the world. Regional award winners are eligible for consideration for the Entrepreneur Of The Year National Awards to be announced in November during a virtual awards gala. The Entrepreneur Of The Year National Overall Award winner will then move on to compete for the EY World Entrepreneur Of The Year™ Award in June 2021.

About Interos

Interos protects customers’ brand and operations from risk in their extended supply chains and business relationships. The first AI-powered platform for eliminating multi-party, multi-factor risk from 3rd, 4th to nth tier parties, Interos automates discovery, detection, and response to financial, operations, governance, geographic, and cyber risk. Designed by experts and leveraging the company’s 15 years of experience in managing the world’s most complicated supply chains, Interos provides real-time risk management for the largest commercial brands in manufacturing, financial services, and aerospace and defense. For more information, visit interosai.kinsta.cloud.

About Entrepreneur Of The Year®

Entrepreneur Of The Year® is the world’s most prestigious business awards program for unstoppable entrepreneurs. These visionary leaders deliver innovation, growth and prosperity that transform our world. The program engages entrepreneurs with insights and experiences that foster growth. It connects them with their peers to strengthen entrepreneurship around the world. Entrepreneur Of The Year is the first and only truly global awards program of its kind. It celebrates entrepreneurs through regional and national awards programs in more than 145 cities in over 60 countries. Winners go on to compete for the EY World Entrepreneur Of The Year™ title. ey.com/us/eoy

About EY                                                                                                        

EY is a global leader in assurance, tax, strategy, transaction and consulting services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. Information about how EY collects and uses personal data and a description of the rights individuals have under data protection legislation are available via ey.com/privacy. For more information about our organization, please visit ey.com.

Cybercrime, Supply Chains, and COVID-19 w/ Ori Eisen

Posted on by Harris Allgeier

Episode 11:

Cybercrime, Supply Chains, and COVID-19 w/ Ori Eisen

 

“I think the broader economy had no real insight into this evolving mindset of the US government on these Chinese technology companies.” –  Megan Brown

Every time a major global event occurs, whether it’s a celebrity dying or some sort of fantastical news story, the bad guys are sitting there waiting for a chance to get into your inbox. 

With a new identity theft victim every 2 seconds, and with stolen credentials/identities playing a key role in supply chain cyber attacks, the worlds of supply chain, internet fraud, and cybercrime are constantly overlapping with one another. 

The world is increasingly being driven online and with that comes an untold number of places that criminals can get to us. 

Banking, shopping, utilities, mortgage, car payments. It all lives online. So what do you do if someone gets a hold of your passwords? 

On this episode of What Lies Beneath, we talk to Ori Eisen, founder & CEO of Trusona, all about: 

  • Why having a unique password & username may not be enough to keep you safe
  • The intersection of supply chain, internet fraud, & cyber crime
  • How his career has led him to work with an organization fighting child sex trafficking

Listen & Subscribe!

To learn more, check out the podcast above, or on Stitcher, Apple Podcasts, Google Play, Spotify, or wherever you listen to podcasts. If you like what you hear, please rate and review the show, or share it with a friend! New episodes air every other Tuesday.

To learn more about how Interos can help you with Section 889 Part B compliance, visit Interos.ai.

 

Guest Bio

 

Ori Eisen: Founder and CEO of Trusona, a company that provides passwordless multi-factor authentication for enterprises. In addition to Trusona, Ori also founded 41st Parameter – a leading online fraud prevention and detection solution. Ori was previously the Worldwide Fraud Director for American Express.

Ori holds over two dozen cybersecurity patents and, in his free time, volunteers with Thorn, an organization dedicated to fighting and ending child sexual abuse and trafficking. It’s fair to say that Ori has dedicated his life to fighting online crime.

Supply Chain Insights & Standouts: August 21 – Helping Heal Beirut

Posted on by interos-blogger

The explosion of 2,750 tons of ammonium nitrate in the Port of Beirut has created a massive challenge for residents and aid workers to heal the injured and reorganize a shattered city. Losing the port as an access point for deliveries is requiring traditional aid supply chains to be reinvented to deliver to Lebanon’s capital. This problem also extends far beyond the city. Before now, the entire Lebanese population of 6 million relied on the Port of Beirut for 60% of imports, including most of the country’s food and vital supplies. With state inaction and corruption to blame for the blast, the government has resigned, leaving cleanup and aid efforts without a single clear authority to call upon. Without a clear point of entry or local government, the international community has quickly organized to introduce new supply chains and deliver necessary aid however possible.

Just a few days after the blast, 20 governments and international organizations landed over 15 planes and 2 helicopters carrying more than 400 medical experts and rescuers, including 13 search dogs. 600 new temporary hospital beds have been set up to reduce the strain on damaged local facilities. Without the ability to land in the port, most of the supplies needed for immediate search-and-rescue and relief was rerouted through the Beirut Airport, which is normally reserved for mostly passenger travel. Medium-term aid, such as replacements for the 120,000 tons of grain held in the port’s destroyed silos, is squeezing through Lebanon’s secondary port of Tripoli, which has only one-third of Beirut’s former capacity. Without any grain silos remaining in the country, shipments are being sent directly inland to private millers for immediate processing.

An aerial view shows the massive damage at Beirut port’s grain silos (C) and the area around it on August 5, 2020, one day after a massive explosion hit the harbour in the heart of the Lebanese capital. – Rescuers searched for survivors in Beirut in the morning after a cataclysmic explosion at the port sowed devastation across entire neighbourhoods, killing more than 100 people, wounding thousands and plunging Lebanon deeper into crisis. (Photo by – / AFP) (Photo by -/AFP via Getty Images)

The challenge will require more than healing those injured and rebuilding the city. Lebanon was already facing a struggling economy and took on the greatest share of refugees from war-torn Syria. Thousands emigrated to find better lives even before the blast. Reconstruction efforts must also be careful to contain a second wave of coronavirus. The next challenge—rebuilding the Port of Beirut before food supplies run dry—will be more difficult. Direct aid for citizens, such as temporary food deliveries and medical assistance, is popular for among the constituencies of international leaders. Building infrastructure for the corrupt Lebanese government is far less desirable. The task has, for now, fallen on the World Food Programme (WFP), a division of the United Nations. After clearing rumble to find survivors, the organization hopes to clear enough to build temporary port facilities. Mobile storage units, forklifts, cranes, generators, and more have already been delivered by plane to begin the task.

Without a central authority to organize shipments and deliveries, a mix of formal and informal organizations have worked to move as efficiently as possible. With international support, particularly from nearby countries, the WFP and medical aid NGOs are bringing supplies into the country and boosting medical capacity. Meanwhile, a vast network of extraordinary Lebanese citizens has organized to clear roads, deliver goods to those in need, and rebuild housing. Using Google Maps, volunteers have organized recycling pick-ups to reuse broken glass.

The tragic toll of this disaster will continue until permanent port facilities are built and trends in the economy and coronavirus stabilize, but the people of Beirut and aid workers have shown an incredible ability to reorganize through crisis and help those in need. Against the numerous challenges of this crisis, unique innovations in delivering aid and community action have proven to be resilient.

Check out our previous Supply Chain Standouts or learn more about increasing resiliency.

Interos Announces New Capabilities to Simplify Collection and Sharing of Advanced Supply Chain Risk Information Across Multiple Enterprise Functional Teams

Posted on by Harris Allgeier

Built on the new Interos Resilience Operations Center (IROC™) Framework for The Earliest Detection and Fastest Response to Vulnerability and Distress in Enterprise Supply Chains

Arlington, VA, August 18, 2020, — Interos, the first and only multi-factor, multi-tier supply chain risk management platform, announces the immediate availability of a new set of features to accelerate detection and sharing of supply chain risk across multiple enterprise functions including Procurement, Business Continuity Planning, Enterprise Risk Management, and Information Security Risk teams.

The COVID-19 pandemic, fractured trade pacts, adversarial geopolitical agendas, and new regulatory requirements (including NDAA Section 889 Part B) governing the use of foreign technologies and infrastructure have triggered a ‘reset’ in enterprise strategies for third-party risk management. As just-in-time fulfillment gives way to a focus on operational resiliency and greater agility, companies must embrace a framework optimized for the rapid detection, collection, and sharing of risk information within and across supplier ecosystems.

The latest set of Interos product features advance principles of this new architecture, the Interos Resilience Operations Center (IROCTM) framework, for information sharing, and rapid response to supplier vulnerability and distress.

Alerts notify analysts when changes to supplier governance, geographic, and financial risks are detected.  Customer Enriched Data allows our customers to bring additional information to our AI engine from their internal business systems, including capacity, financial, and contractual risk data.  This information is protected and isolated from Interos managed information and allows for faster triage, priority and mitigation decisions.  Overlays provide instant visibility of COVID-19 impact, geographic and vendor concentration risk, as well as compliance with NDAA 889, and CMMC.  APIs make it easy to integrate external data sources and business systems including Procurement, Ethical Sourcing, Enterprise Risk Management, Fraud and Information Security.

A guidebook fully detailing how the principles of the IROCTM Framework can be adopted by enterprises will soon be available. The guidebook will be released chapter by chapter on the Interos blog – Register here to receive notification when new chapters are available and for a print version and eBook version.

“There is no one-size-fits-all approach to third-party risk management. The concerns of a multinational manufacturer are vastly different than those of a mid-size financial services organization or government agencies. The Interos ROC™ framework is designed to address the needs of almost every organization with common information and analytics to support the tactics, techniques, and procedures organizations can use appropriate to the scope of their third-party risk management challenges and goals,” said Jennifer Bisceglie, CEO and founder of Interos.

Interos’ risk assessment and monitoring capabilities span over 50 million entities and mine 85,000+ data sources. Interos’ platform leverages machine learning and AI, to build the world’s largest contiguous map of business connections, and natural language understanding (NLU) to map out a company’s supply chains, business relationships and ecosystems. The result is a clear picture of a company’s entire ecosystem from end to end, with scoring across five key risk pillars, that are monitored and updated continuously.

About Interos
Interos protects customers’ brand and operations from risk in their extended supply chains and business relationships. The first AI-powered platform for eliminating multi-party, multi-factor risk from 3rd, 4th to nth tier parties, Interos automates discovery, detection, and response to financial, operations, governance, geographic, and cyber risk. Designed by experts and leveraging the company’s 15 years of experience in managing the world’s most complicated supply chains, Interos provides real-time risk management for the largest commercial brands in manufacturing, financial services, and aerospace and defense. For more information, visit interosai.kinsta.cloud.

Breaking Down Section 889, The Biggest Compliance Change for Federal Contractors – Megan Brown

Posted on by Harris Allgeier

Episode 10: Breaking Down Section 889, The Biggest Compliance Change for Federal Contractors w/ Megan Brown

 

“I think the broader economy had no real insight into this evolving mindset of the US government on these Chinese technology companies.” –  Megan Brown

August 13 is approaching and, for many in the Defense Industrial base (and beyond) that means it’s time for another regulatory complication to global trade, specifically the implementation of Section 889, which forbids the government from contracting with companies who have telecom and surveillance equipment from 5 major chinese companies in their supply chains, including Huawei and ZTE.

But what, exactly does that mean? And how can businesses get ahead of this massive regulatory effort?

Thankfully there are people like Megan Brown in the world. Megan is an attorney and partner at Wiley Rein LLP, and on this episode of What Lies Beneath?, our guest host, Andrea Little Limbago, talks to Megan all about: 

  • The role of bias and how it fits into regulations and insecurity
  • The 2 parts of Section 889 (sections A & B) and what they have to do with the global supply chain
  • Why the US government is so set on not doing business with companies like Huawei
  • Why the lack of definitions in the statute and the lack of clarity could make things more complicated for compliance

Listen & Subscribe!

To learn more, check out the podcast above, or on Stitcher, Apple Podcasts, Google Play, Spotify, or wherever you listen to podcasts. If you like what you hear, please rate and review the show, or share it with a friend! New episodes air every other Tuesday.

To learn more about how Interos can help you with Section 889 Part B compliance, visit Interos.ai.

 

Bios

Andrea Little Limbago: 

Dr. Andrea Little Limbago is a computational social scientist specializing in the intersection of technology, national security, and society. As the Vice President of Research and Analysis at Interos, Andrea leads the company’s research and analytic work regarding global supply chain risk with a focus on governance, cyber, economic, and geopolitical factors. She also oversees community engagement and research partnerships with universities and think tanks and is a frequent contributor to program committees and mentorship and career coaching programs. She has presented extensively at a range of academic, government, and industry conferences such as RSA, SOCOM’s Global Synch, BSidesLV, SXSW, and Enigma. Her writing has been featured in numerous outlets, including Politico, the Hill, Business Insider, War on the Rocks, and Forbes. Andrea is also a Senior Fellow and Program Director for the Cyber and Emerging Technologies Law and Policy Program at the National Security Institute at George Mason and a Fellow at the Atlantic Council’s GeoTech Center. She is an industry advisory board member for the data science program at George Washington University, and is a board member for the Washington, DC chapter of Women in Security and Privacy (WISP). She previously was the Chief Social Scientist at Virtru and Endgame. Prior to that, Andrea taught in academia and was a technical lead at the Joint Warfare Analysis Center, where she earned the Command’s top award for technical excellence. Andrea earned a PhD in Political Science from the University of Colorado at Boulder and a BA from Bowdoin College

 

Megan Brown:  Megan represents corporations in complex proceedings concerning technological innovation and regulation. She helps clients respond to agency and Congressional inquiries and develop compliance strategies under a variety of statutes, including the Federal Trade Commission Act, the Federal Communications Act, and state consumer protection and cybersecurity laws. Megan has deep expertise in cybersecurity and data privacy issues, working for national and global companies on cutting edge compliance and risk management.

As a former senior Department of Justice official in the George W. Bush administration, Megan helps clients navigate the current administration. She also serves on the U.S. Chamber of Commerce’s Cybersecurity Leadership Council and is Associate Director for Cybersecurity at George Mason law school’s National Security Institute.

Megan is a contributing author and an industry source in several publications, including the “Cybersecurity Risk Management Is a Corporate Responsibility” chapter in the American Bar Association’s 2019 publication, The Lawyer’s Corporate Social Responsibility Deskbook.

Section 889 Approaches. Can Large Contractors Comply in Time?

Posted on by Harris Allgeier

August 13 is approaching and, for many in the Defense Industrial base (and beyond) that means it’s time for another regulatory complication to global trade, specifically the implementation of section 889.

Part of the 2019 NDAA (the massive spending bill that determines the DoD’s budget), Section 889 requires companies that count the US federal government as a customer to certify that they, and their extended supply chains, do not contain “covered telecommunication equipment or services” that are produced by Huawei, ZTE, Hytera, Hikvision, and Dahua and their subsidiaries as a “substantial or essential component of any system, or as critical technology as part of any system.”

The move is but one of many steps the U.S. government has taken to limit the exposure of critical infrastructure to Chinese threats. On June 30th the FCC designated Huawei and ZTE as national security threats, preventing U.S. carriers from using the organization’s 8.3 billion government subsidy program to purchase, maintain, or support equipment from those vendors.

But what will these regulatory changes mean to the wider Defense Industrial Base (DIB), or companies who may, unknowingly, rely on technology from the sanctioned companies through their network of third, fourth, fifth, and Nth parties. Even those indirect connections could present liabilities for those organizations. While the full extent of the regulation will not be understood until the DoD begins enforcing it, the language around section 889 is broad enough so that it will likely apply in situations where a company is using the named technologies exclusively in their commercial enterprises.

Section 889 is far from the only regulation large contractors are going to have to find new strategies to comply with. The SECURE Technology Act, Cybersecurity Maturity Model Certification (CMMC), the 2019 Executive Order on Securing the ICTS Supply Chain are all introducing new considerations and complications for major technology contractors.

889 isn’t the only NDAA provision with such an impact either. Sections 1654 and 1655 have created new disclosure requirements of their own, require contractors to alert the government if they have allowed foreign nationals to interact with the source code of a product system or service used by the DoD.

Keeping pace with the increasing number of regulatory requirements while preserving continuity of business will require many institutions to rethink their approach to third party risk management. Simply piling people on the problem is not a scalable solution, given the ever-expanding network of third parties the DIB relies upon. And identifying and monitoring the 3rd party of your 3rd party supplier is an ongoing and never ending task as subtier relationships and reliance changes.  It’s just too hard for people to manage alone.

This challenge is even greater during these times of social distancing when in-person validation of third-party status can prove challenging. Large contractors will need to adopt solutions that can autonomously identify their connected third parties and track compliance across multiple regulations for their entire supply chains, across every tier, down to dirt.

To learn more about how Interos can help track Section 889 compliance, click here.