New law underscores move to ethical labor

 

Recently, the US senate passed a far-reaching bill that targets the use of forced labor in China’s Xinjiang province. The problem of forced labor has been an issue and a proverbial black mark on otherwise ethical supply chains and products. With holidays around the corner, two questions are on most people’s minds: a) Will holiday gifts be stocked up on shelves?, and b) Are these gifts tied to any environmental, social, or governmental (ESG) supply chain controversies? 

ESG Supply Chain Issues Remained In Hiding for Decades

Since the 80s, as the global economy opened to become more interconnected and supply chains spread out far and wide in the search for efficiency, we lost sight of the fact that the interconnectedness also led to a curtain being drawn upon how goods were sourced, manufactured, and supplied. Initially, we marveled at the machine that could efficiently move, within days, from a remote factory to our doorstep at ever-reduced costs.

We had no way to know that in some cases, behind the curtain, was an inconvenient truth. Some of these products we consume are not sourced via ethical supply chains, but are instead associated with environmental damage and unethical labor practices. Recently, the movement to combat environmental damage and eradicate unethical labor practices has accelerated, making ESG supply chain concerns a prominent focus for executives. This acceleration is driven by availability of data and information, easily consumable at everyone’s fingertips.

Creating an Ethical Supply Chain

With the passage of this bill, we are now entering a new phase. The grassroots movement is now turning into law of the land. Regulators are stepping in, recognizing the need to act, and increasingly setting the standard which is not merely aspirational, but de-facto. This bill bans all imports from China’s Xinjiang region unless companies prove they were made without forced labor. Companies will very quickly need to ensure that they do not source from this region to avoid becoming embroiled in ESG supply chain problems. In many cases, the most effective tool available, sending out surveys, is clearly ineffective.

There is a better way to not only comply with this new regulation, but to ensure that your reputational risk is low and that you are really orchestrating the ethical supply chain that you and your organization aspire to. With the power of data, AI, and machine learning, Interos’ customers get immediate sub-tier visibility into exactly where they are sourcing their products from.

Not only can you use Interos’s Operational Resilience Cloud to identify where you are doing business, but you can also see where your suppliers’ suppliers are, and so on. At the top of this blog is a video of how you can use our platform to perform due diligence on your compliance with this bill, giving you that initial tool to identify your risk of exposure.

It is no longer enough to say “we did not know”. Customers, and now regulators, are drawing a line in the sand that it is not enough. Interos gives you sub-tier visibility, so you can sleep better knowing that you are living your values, and now, complying with the law and creating an ethical supply chain.

For more information about Interos, visit interos.ai.

Supply Beacon Vol. 3 – Cyber Disclosure Requirements are Up, a Dyson Supplier is Down, and Rare-Earth Minerals are Uncertain

The Top 5 Supply Chain News Stories You Need to Know
The Supply Beacon is your monthly resilience digest, the 5-minute supply chain and security news drop you can’t afford to miss, delivered with insights from the experts at Interos. Know what you need to – fast.

OCC Issues New Disclosure Requirements for Cyber Breaches

 

Starting May 1, 2022, financial institutions will have to report major cyber security incidents to federal officials within 36 hours. The final rule establishes two primary requirements:

  1. Banks must now notify Federal Regulators of any cyber incidents no later than 36 hours after the they determine that a cyber incident has occurred.
  2. The final rule requires Banks to notify customers as soon as possible when a bank service provider experiences a cyber incident that has materially disrupted or degraded (or is reasonably likely to materially disrupt or degrade) covered services for four or more hours.

Interos Insight: This ruling, called the “Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers” comes on the back of the TSA updating requirements for pipeline, rail, and air transport companies. Although the NDAA for FY 2022 failed to include mandatory reporting requirements for all critical infrastructure companies, bipartisan support for cyber security incident reporting will likely result in future legislation, as a stand-alone bill or possibly, as part of another legislative package. It’s clear that the government is looking to supply chain risk professionals in all industries to rigorously evaluate the cyber risk in their supply chain – and that the issue is only going to be taken more seriously over time.

CISA SBOM-A-RAMA

The Cybersecurity and Infrastructure Security Agency created a new Software Bill of Materials (SBOM) web page and hosted a two-day “SBOM-a-rama” focused on related education, technical issues and pulling together “the broader security and software community.” The SBOM concept “has emerged as a key building block in software security and software supply chain risk management.” Allan Friedman, who led the transparency initiative at the Commerce Department, is now at CISA to fully realize the SBOM’s potential. He said, “to operationalize SBOM means to make sure that we can integrate this into daily operation, into existing tools, and the final status of hooking it into the existing vulnerability and cyber security ecosystem.” Having already led the NTIA in its July issuance of “minimum elements of a software bill of materials,” (a step toward creating a potential federal benchmark and market standard) we can look to Mr. Friedman and the Agency as a source of information, guidance and an opportunity to partner.

Interos Insight: While a bill of materials has always been a regular part of supply chain management, this was not always the case for software. In fact, the idea really only got mainstream attention in May 2021, when the Biden administration issued an executive order citing SBOMs as a necessary measure to improve U.S. cyber security. The order requires the government’s critical software vendors to supply SBOMs for their products and employ automated tools to maintain trusted source code supply chains. The EO applies only to vendors that do business with the U.S. government; however, considering the increase in supply chain attacks, providing a compliant SBOM is likely to become a requirement for most businesses, particularly in regulated industries where a software supply chain failure could result in major consequences.

If you don’t already create SBOMs for your software, there’s never been a better time to start. Not only does knowing what entities are in your software supply chain help secure against vulnerabilities, but it also uncovers hidden licensing risks used in third party software or code. Interos can help partners establish automated mapping, enabling customers to invest in the right, trusted technology and catalogue the use of open source and third-party software to deliver a complete and accurate SBOM.

 

Dyson Dumps Malaysian Supplier ATA Over Labour Concerns

 

High-tech home appliance maker Dyson told Reuters it had cut ties with supplier ATA IMS following an audit of the Malaysian company’s labor practices and allegations by a whistleblower, sending ATA shares plunging.

ATA, which is already being investigated by the United States over forced labor allegations, confirmed Dyson has terminated its contracts and that it has been in talks with the customer over the audit findings. It had previously denied allegations of labor abuse.

Interos Insight: ESG risks as well as violations of other country-specific restricted lists are not always easy to determine. Companies sometimes look to obfuscate their practices and procuring from such organizations can leave you at risk to penalties, loss of business, and reputational damage. Interos’ database and ML algorithms helps to inform clients before they engage with an industry leading relationship map that continues to update relationships in your supply chain so you can focus on your business’ success.

New Plans to Boost Cyber Security of UK’s Digital Supply Chains

 

Several reports were released as part of the UK Government’s effort to protect the UK’s digital infrastructure and improve the cyber resilience of organization’s supply chains across the economy and society. These plans include new procurement rules to ensure the public sector buys services from firms with good cyber security. The plans also call for improved advice and guidance campaigns to help businesses manage security risks.

The move follows a consultation by the Department for Digital, Culture, Media, and Sport (DCMS) to enhance the security of digital supply chains and third-party IT services, which are used by firms for things such as data processing and running software.

The reports show that the majority of CEOs and directors of Britain’s top companies (91%, up from 84% in 2020) see cyber threats as a high or very high risk to their business, but nearly a third of leading firms are not acting on supply chain cyber security, with only 69% saying their organization actively manages supply chain cyber risks.

Interos Insight: The British Government is ahead of many NATO peers in enforcing cyber security measures. While there are already procedures to encourage firms across the UK to follow the advice and guidance from the National Cyber Security Centre to secure their businesses’ digital footprint and protect sensitive data, stricter legislation is almost assuredly soon to arrive. The poll also showed that 82% of respondents agreed legislation could be an effective solution. Although regulatory requirements differ across countries and industries, the trend toward greater disclosure and transparency is clear, and is generally bipartisan. Supply chain risk practitioners and industry leaders can use Interos’ AI driven software to assist in getting ahead of the curve and ensuring they are constantly in compliance and continually monitoring their supply chain with updated analytics.

 

China Set to Create New State-Owned Rare-Earths Giant

 

China has merged several rare-earth assets to create a mammoth state-owned rare-earths company to maintain its dominance in the global supply chain of the strategic metals as tensions deepen with the U.S. The new firm will be called China Rare-earth Group and will be based in resource-rich Jiangxi province in southern China. The combined group is designed to further strengthen Beijing’s pricing power and avoid infighting among Chinese firms, and to use that clout to undercut Western efforts to dominate critical technologies.

Interos Insight: China has long dominated the rare-earth industry. It is estimated that the country will soon account for approximately 70% of total global production of medium and heavy rare-earths and 40% of the total global rare-earth market. The nation also has an overwhelming monopoly on processing these minerals. Medium and heavy rare-earths such as dysprosium and terbium, are considered essential for the production of high-performance magnets, which are used in motors and other components of electric vehicles. The US has taken some steps to encourage more rare-earth production in Australia (the US Defense Department signed a technology investment agreement with Australia’s Lynas Rare Earths company which the Pentagon called “the largest rare-earth element mining and processing company outside of China”).

President Biden has also issued an executive order naming rare-earth minerals as one of four key areas in need of more robust policy options to reduce supply chain risks. Companies with any component in their supply chain that requires rare-earth materials will want to monitor developments here closely since the Chinese government’s restructuring gives them a clear and solid control over much of the supply chain – from production to exports. Additionally, since the previously “private” Chinese mining companies are now “civil-military” fusion contributors to the Chinese defense industrial base, it would not be impossible to imagine them and other companies in China’s critical mineral ecosystem winding up on Section 1260H of the NDAA2021.

That’s this month’s Supply Beacon. Looking to learn more about supply chain risk and operational resilience? Check out interos.ai. Got a suggestion for next month’s newsletter? Send us the scoop at [email protected] or tweet us at @InterosInc!

Uncovering the Hidden Risks in Your Supply Chain

Companies worldwide are struggling to answer one question: “what are some supply chain risks we need to know about?” Supply chain disruptions and the risks posed to your business from external parties have become board-level priorities. Slowdowns, delays, and supply shortages have squeezed revenue growth, product availability, and consumer shopping habits. Failures have led to shaky shareholder confidence, hits against brand reputation, and even regulatory non-compliance. In the most visible cases, the fallout from unforeseen disruptions has become headlines on the evening news and even dinner table discussions.

For the better part of the last two years, procurement and supply chain organizations have been working overtime to gain control over an increasingly stressed supply chain. Many of the fire drills currently run behind the scenes have averted business crises and kept businesses running as close to full speed as possible in these challenging times. But the work isn’t done yet.

Supply risk has come to the forefront, with more resources, eyeballs, and planning cycles devoted to gaining an early warning of future disruptions. The big question on everyone’s priority list: What are some supply chain risks that we can’t see, and how do we gain the visibility necessary to mitigate them?

What are some supply chain risks that tend to be hidden?

Vulnerabilities across your supply network are everywhere, and surprisingly, many of them are hiding in plain sight. The risk factors that tell you about these risks get overlooked thanks to a lack of data and visibility. In most cases, organizations can easily find these risks with the right tools.

Think about the typical supplier risk assessment process. What are some supply chain risks that companies want to find? Even if there are a few common answers, the process is anything but typical.

Suppliers undergo reviews for financial health, the ability to meet restrictions and regulations, and absence from any sanctioned lists. Some suppliers are reviewed for ESG scores. Surveys are sent and responses are reviewed. Internal evaluations may highlight previous performance issues. Critical direct material suppliers get a closer look, including site visits, samples, and prototypes.

But the consistent factor is the inconsistency even within the same procurement organization.

Of course, we have to prioritize, especially when global procurement treams are assessing and onboarding potentially hundreds of suppliers each year.  Data is hard to come by, and time is a scarce resource.  So, we prioritize which suppliers get a cursory review and which get a thorough look across multiple risk indicators.

One of the primary supplier risk “‘wish list”’ items I hear from procurement teams is their desire to deliver a more consistent and thorough approach to assessing suppliers across different risk factors.  Gaining instant access to multi-factor risk assessments would enable them to make better decisions while reducing the time and effort of identifying hidden risks to their businesses.  They could evaluate each new supplier more thoroughly without slowing down the onboarding process or reducing their overall throughput with such visibility.

Layers upon layers of shadows

The next ‘wish list’ I often hear is to shine a light on the suppliers that are in play across the extended supply network.  Sub-tier suppliers carry the same vulnerabilities from financial, operational, cyber, ESG, and geopolitical risks, but the shadows are darker and deeper because of their indirect relationship.

A study from the Business Continuity Institute* reported that “40% of COVID-19 related supply disruptions occurred beyond tier 1” suppliers.  Our 2021 Annual Global Supply Chain Report found that visibility into extended supply chains and sub-tier suppliers is becoming critical for procurement organizations.

But across the board, accurately identifying sub-tier suppliers has been one of the biggest challenges for procurement and supplier risk management professionals.  Think about the time and resources required to assess your first-tier suppliers adequately.  Now, extend that to multiple tiers of suppliers with whom you don’t have any organizational or contractual relationship to leverage.  Ugh.

Yet disruptions within the sub-tier supplier network can cause ripple effects across multiple nodes within your supply chain.  Even with multi-source strategies in place, an unknown sub-tier supplier supporting your primary and alternate suppliers creates a single point of failure that may be completely hidden from view.

Illuminating your entire supply network

Developing a more consistent approach to identifying potential supplier risks and vulnerabilities can help protect your business from supply disruptions, unnecessary costs, and reputational harm.

Start with developing a single view into supplier risk across multiple risk factors for all suppliers. Build upon that to identify the relationships and interdependencies across the extended network of sub-tier suppliers that support your business. Assess those sub-tier suppliers against the risks that can cause ripple effects up and down your supply chain.

Use fresh, external data to supplement self-reported survey responses and data collected during last year’s annual reviews. Keep this data fresh, and systematically monitor it in a way that enables you to identify material changes that increase the risk of supply disruptions or events that need quick reaction to stem the impact to your organization.

Map, Monitor and Model; that’s what we call this at Interos. The Interos Operational Resilience Cloud can help you uncover the hidden risks across your extended supply network and shine a light on the vulnerabilities and potential disruptions before they cause harm to your business. Again, it’s not enough to know what are some supply chain risks that could threaten your organization; you need to know all of them.

Go deeper on this topic to explore the hidden risks that lie within and across your extended supply network, how you can uncover those risks, and ultimately reduce your exposure to the unknown. To learn more about Interos, visit Interos.ai

*Supply Chain Resilience Report 2021, Business Continuity Institute, www.thebci.org, February 2021

Log4j Highlights the Need for an Operational Resilience Model

The US Cybersecurity and Infrastructure Security Agency has given the Apache Log4j vulnerability its highest threat score. The exploit has exposed hundreds of millions of devices worldwide to a security breach. 

While cybersecurity leaders work with the Apache Foundation to close this vulnerability, members of the global economy must understand how this potentially affects their supply chain. Interos data reveal that this vulnerability alone could impact more than 135,000 suppliers in our customers supply chains, and cause ripple effects across industries and geographies. 

The Log4j vulnerability certainly stands out for its pervasiveness and potential to disrupt the economy.   

Large cyberattacks, system vulnerabilities and network outages have become a standard part of life in today’s super-connected world. That’s not to minimize their impact but to underscore the persistent threat to businesses. A cyberattack that takes even a single supplier offline can cause delays throughout your entire supply chain and in verticals with high concentration risk.  

All businesses need to understand their cyber risks and the cyber risk of suppliers they rely on to create and deliver their final product. At Interos, our goal is to help our customers know all of those risks to make educated decisions to ensure the resilience of their supply chains. 

A Different Approach to Understanding Cyber Risk 

Interos provides its customers with a global map of suppliers and supply chain risks, including consideration of cybersecurity vulnerabilities. Along with understanding the cyber pressure put on suppliers based on their industry and location, we also assess their financial strength. 

A company with a poor cyber or financial history may not respond adequately to this breach. For example, the patches and upgrades the cybersecurity community has created to block this vulnerability provide little value if a company fails to institute them. Some companies may lack the cyber know-how or the financial resources to accomplish these demands, putting them at increased risk for disruption. 

Interos provides real-time information on the cybersecurity resilience of suppliers. It is just one of many metrics our artificial intelligence platform leverages to provide customers with a 360-degree view of their supply chain.  

With this information, businesses can better understand the risks their suppliers face. Based on the risk profile, these companies can switch suppliers, request suppliers better mitigate these risks or accept the inherent risk. This type of visibility through various metrics allows businesses to build a resilient supply chain made up of suppliers with acceptable risk profiles. 

Companies can also use our platform to model disruptive events to find potential weak spots in their supply chain. This all leads to creating an operationally resilient supply chain that can better manage crisis.

Log4j Serves as a Case in Point 

The Log4j vulnerability exposes a considerable part of the global economy to cyber attack. While it may be impossible to see this type of breach coming, suppliers should have the ability to withstand the attack, make the necessary upgrades, and continue operations. 

Our customers can use Interos’ cloud offering to see what members of their supply chain are impacted. They can understand what supply chain members are best equipped to manage the situation and those that cannot. This can guide future supply chain decisions and supplier relationships, reinforcing or removing the companies that lack the necessary capacity. 

The Log4j vulnerability will pass, but another type of cyber disruption can strike at any point. Interos wants to change how you see your supply chain. We want you to understand better the companies you depend on for your success. 

A study we conducted last year found that large businesses lose $184 million annually in supply chain disruptions. This is wasted money. Know the risks your suppliers face and take action to protect your company’s bottom line and its reputation. 

Supply Beacon Vol. 2 – Chips, China, and Cyber

The Top 5 Supply Chain News Stories You Need to Know

The Supply Beacon is your monthly resilience digest, the 5-minute supply chain and security news drop you can’t afford to miss, delivered with insights from the experts at Interos. Know what you need to – fast.

What We’re Reading

House Homeland Committee Scrutinizes Cyber Security Directives on Transportation Sector  – Industrial Cyber Pandemic Preparedness
Story summary: A House Joint Subcommittee on Homeland Security met in late October to consider industry-wide cyber security directives for the transportation sector. Subcommittee Chairman Rep. Bennie Thompson (D-Miss.) called on the Transportation Security Administration to work in close collaboration with the Cybersecurity and Infrastructure Security Agency to craft requirements to achieve security industry-wide benefits. If successful, Thompson argued these potential requirements could position the transportation sectors as a model for mandating cybersecurity measures.
Interos Insight: Private entities own and operate more than 86% of the critical infrastructure in the United States. As the US government looks to build requirements for reporting and regulations for industry, transportation leaders are again reminded that cyber security is a national security concern. Transportation companies need visibility into their own companies, but also those in their extended supply chains to avoid potential devastating ripple effects.

 

 

Biden Signs Legislation to Tighten U.S. Restrictions on Huawei, ZTE 
Story summary: President Joe Biden signed The Secure Equipment Act earlier this month that prevents technology companies believed to be security threats like Huawei and ZTE from receiving new equipment licenses from US regulators. The new law is the latest federal effort to crack down on Chinese telecom and tech companies that may pose a cybersecurity threat.
Interos Insight: While the 2019 National Defense Authorization Act (NDAA) banned these companies from selling to Federal agencies, their products are still available for consumers, enterprises, and were – sometimes unknowingly – in the supply chain of other buyers. While the law’s current “Covered Equipment and Services” list only names five foreign companies, Interos’ mapping has identified more than 900 foreign companies that could be of concern with more likely still to be discovered. Interos’ methodology team goes through an ongoing rigorous, manual and automated process to make sure that all related entities are discovered and tracked. With such strong bipartisan support, it is clear that compliance will be required and enforced. Companies with any related parts in their supply chain are encouraged to ensure they have the analytical tools necessary for discovery.
Commerce Adds NSO Group to Entity List for Malicious Cyber Activities
Story summary: The US Commerce Department’s Bureau of Industry and Security (BIS) has added four foreign companies to its Entity List, essentially blacklisting them from trade with US companies. The decision comes as these companies – two from Israel, and one each from Russia and Singapore – were deemed to act in a way that went against the national security or foreign policy interests of the United States. NSO Group and Candiru, the two companies from Israel, reported supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, businesspeople, activists, academics, and embassy workers.
Interos Insight: The move is a little surprising as the two Israeli firms operate in an Allied country. Following this announcement, Isaac Benbenisti, a telecommunications executive who joined NSO in August and was recently named to succeed NSO founder and CEO Shalev Hulio, abruptly resigned. These additions to prohibited and restricted entities lists (which are increasingly frequent and unpredictable) illustrate just how quickly the notion of who is safe or unsafe to do business with can change. It also highlights the importance of investing in real-time monitoring solutions that can discover hidden connections to these entities, who often act through seemingly legitimate middlemen that conceal nefarious state and non-state-backed activity.
U.S. Chipmaker Micron Unveils $150bn Global Expansion Plan
Story summary: Micron Technology said it will invest $150 billion in chip manufacturing and research and development over the next decade as governments around the world vie to bring vital semiconductor production on shore.
Interos Insight: As the semiconductor shortage goes on, companies like Micron are evaluating their business model, including the physical locations where their products are made. Countries like the United States have begun creating location-based tax incentives, an about-face after ignoring on-shoring semiconductor production for decades due the high cost. However, Micron notes they expect that production costs in the United States will be 35% to 45% higher than elsewhere. While geographic location is important, Interos’ data connections suggest that most, if not all, semiconductor supply chains are connected to each other. This indicates that although capacity is expanding within industry, it will take more than one company’s investment in capacity to solve the supply and demand problem.
That’s this month’s Supply Beacon. Looking to learn more about supply chain risk and operational resilience? Check out interos.ai. Got a suggestion for next month’s newsletter? Send us the scoop at [email protected] or tweet us at @InterosInc!

Toshiba, GE, and J&J – What Big Corporate Breakups Mean for the Supply Chain

The notion of “too big to fail” gained prominence during the 2008 financial crisis, shifting entrenched perspectives toward landmark corporations. Since then, a very much still-ongoing pandemic has upended the global economy (and the supply chain it depends on) to an even greater degree. Massive technological and geopolitical shifts, coupled with shifting consumer behavior and attitudes, are further prompting renewed introspection as firms rethink resilience and the future of supply chain management in a post-pandemic global economy. Based on recent trends, corporations are again assessing their size, with events like the recent GE spin-off announcement becoming a growing – and potentially defining – feature of the shifting landscape toward greater resilience.

The End of the Conglomerate Era?

As alluded to above, within weeks corporate titans Toshiba, GE, and Johnson & Johnson all announced intentions to spin-off parts of their enterprise. Earlier this year, Dell Technologies made a similar calculation with the spin-off of VMWare, while Siemens and Honeywell also similarly pared down over the last year. In each case, creating a more efficient business model, optimizing the more profitable product lines, and streamlining business operations have been the driving factors behind the conglomerate breakups.

These recent breakups have been dubbed “the end to the era of the conglomerate.” However, they may also be a sign of greater confidence in the global economy. While spin-offs declined during the pandemic, these recent breakups might be an indicator of greater confidence in an economic recovery. Over the last decade, many conglomerates built specialized business lines that were quite distinct from other parts of the company — for example, the healthcare operations that will form the basis of the GE spin-off. The pandemic has accelerated these distinctions across business lines, while also amplifying differences in financial performance. The timing may be right for many corporations to build upon economic growth and seek spin-offs to optimize market and investment value as well as growth driven by innovation.

Moreover, the massive economic shocks during 2020 also revealed the fragility and insecurity of hyperspecialized global supply chains. While much attention has been on the efficiencies gained within business lines, discussions of potential negative outcomes for the future of supply chain efficiencies and of resilience in general are remarkably absent in talk about the impact of corporate break-ups. However, a quick analysis of these companies’ supply chains illustrates that these decisions have global implications and ripple throughout large, medium, and small businesses alike.

The Global Impact of the GE Spin-off and Other Break-Ups

A quick assessment of the supply chains of recent conglomerate break-ups illustrates the global impacts of these spin-offs. They are not contained to one single country or industry, but rather ripple across the globe and across sectors. Across Toshiba, GE, and Johnson & Johnson, thousands of tier 1 suppliers are impacted. When extending out to the second and third tiers of those respective supply chains, the numbers jump into the hundreds of thousands of businesses that may be affected. This does not necessarily imply a negative effect, but rather uncertainty that may be introduced into the future of supply chains that continue to feel extended shocks as the global economy realigns and rebounds.

While a third of these companies’ tier 1 suppliers are located in the United States, countries across the globe – including China, the United Kingdom, Brazil, Australia, Egypt, and India – may also be impacted by breakups like the GE spin-off. In addition, the software, machinery, and semiconductor industries are the most prominent in the first tier of these companies, but the impact is much more expansive. From media to IT services to life sciences, companies across the globe and across industries may experience a jolt as these major conglomerates realign their business units and corporate structures.

A map of the globe illustrating which countries have the highest concentration of companies supplying J&J, GE, and Toshiba. While the United States and China are the most prominent, many countries around the world also supply these conglomerates, meaning they will be impacted by events like the GE spin-off.

The Future of Supply Chain Ripple Effects in the New Normal

Is it truly the end of the conglomerate era or simply a sign of growing confidence in a transformed global economy? It could reflect a little of both, as new innovations, emerging technologies, shifting consumer demands, and a transition from “just in time” to “just in case” production alter strategic plans and the future of supply chains. As corporations continue to assess the best path toward resilience in a time of global disruptions, moves like the GE spin-off likely will continue to emerge as a profitable and efficient part of this calculus.

Over the course of the pandemic, major corporations that lacked visibility into their supply chains learned the hard way of the downstream concentration and geographic risks at far corners of their supply chain. With corporate spin-offs, firms that lack upstream visibility similarly may be surprised to learn that a distant spin-off may impact them. While spin-offs may be a path toward stability for those conglomerates, it could introduce uncertainty for their partners across their immediate and extended future supply chains.

The latest breakups are yet another indicator of the new normal, a time of uncertainty corresponding with dramatic shifts in the global economy, emerging technologies, and geopolitical upheavals. Will the need for renewed “focus” that is driving many of the spin-offs also include a new focus on resilience across supply chains? Is this part of a broader “end of the era of the conglomerate,” and if so, will certain sectors be more impacted than others?

At Interos, we will continuously monitor how these breakups propagate across supply chains, including the downstream effects on suppliers across a range of industries, and how they may impact risk across the supply chain ecosystem as companies continue to grapple with improving resilience in the new normal.

To learn more about Interos, visit Interos.ai

When 1+1+1 = 5 – The Power of Partners & the Supply Chain

Bringing Together Three Industry Disruptors for the Supply Chain Risk Management Market

At Interos, a leading firm in the supply chain risk management market, our business centers on the ability to provide customers with deep visibility into their complex global supply chains and the web of supplier partners that comprise them. From there, customers can determine how best to approach enterprise risk management and business continuity.

We provide a technology-based, real-time diagnostic of our customers’ supply chains, alerting them to potential issues and providing the intelligence to make agile course corrections when necessary.

Two important concepts lie at the heart of our business model: trust and transparency. Companies and organizations today have never been in more need of trusted partners and relationships built on full transparency.

Indeed, trust and transparency are fast becoming the new currencies for business and for all business partnerships — and the supply chain risk management market is no exception. That’s because the enterprise risk management and business continuity challenges organizations face today are so demanding and complex that no one can afford to go it alone.

We believe in the power of partnerships and the interdependencies and synergies that make “the whole greater than the sum of its parts.”

And that’s why I’m thrilled that earlier today, Interos announced new strategic partnerships with Accenture Ventures’ Project Spotlight program and Coupa Ventures, the world’s leading technology platform for managing business transactions across procurement, payments, and supply chain.

These two agenda-setting companies have joined our $100 million Series-C funding round as we continue to grow our Operational Resilience Cloud, which combines the power of our proprietary AI algorithm with the world’s largest repository of supplier-relationship data. As we develop these technologies, we increasingly empower businesses to handle enterprise risk management and business continuity. This includes monitoring supplier compliance for labor, financial, and environmental regulations, pending natural disaster issues, trade disputes, and potential geopolitical conflicts, among others.

Accenture and Coupa join an already-robust group of investors and partners at Interos, including Kleiner Perkins, Venrock, and NightDragon, who led our Series C funding round. They also join a host of other industry partners that provide the resources and capabilities that have enabled us to become first-to-market in the burgeoning operational resilience industry.

The Power of Partnership 

Like all businesses, the strength of Interos comes from our partnerships and the increased combined value we can bring customers in the supply chain risk management market. It’s truly a case of “1+1+1=5”.

With Accenture onboarded as a partner, it provides us with extraordinary strategic counsel capabilities across the supply chain and operational resilience landscapes. At the same time, its customers now gain access to a real-time feed of supply chain risk and operational resilience information trusted by Accenture.

Coupa brings world-class transaction management capabilities which will help businesses further improve enterprise risk management and business continuity.

Both partners will also be integral in supporting new innovations. We will work closely with them to identify and bring to market new products and solutions that will further help our customers gain operational resilience and a stronger footing for continued growth.

I could not be more excited about this latest development. We’re bringing together partners who share similar cultures and values, bring to bear complementary capabilities, and are passionate about the power of global supply chain innovations in saving businesses and the planet in our rapidly approaching post-pandemic world.

These types of partnerships don’t happen overnight. It takes hard work, substantial due diligence, extended negotiations, clear, consistent, and authentic communication, and a candid assessment of each other’s strengths and weaknesses.

And, of course, it requires a healthy dose of self-awareness. All market-leading organizations understand when to buy, build, and partner. For instance, you can be the strongest product creator in your market and just not be equipped to handle the services side of things or vice-versa.

The Road Ahead for Enterprise Risk Management and Business Continuity

Our customers require the best tools possible as they confront the challenges of enterprise risk management and business continuity. As we continue to bring to market the world’s strongest supply-chain visibility and diagnostic platforms, we will continue to work with incredible partners that share our commitment of providing the highest levels of trust and transparency across all business relationships.

Accenture and Coupa fit that bill for us, and we do the same for them.

That’s the true power of partnership. And we can’t wait to get started providing even more value to our customers in the supply chain risk management market. 

Big things ahead. Stay tuned.

To learn more, visit interos.ai