Chertoff Group Co-Founder and CEO Chad Sweet, along with Principal and Head of Geopolitical & Regulatory Risk Michele Iverson, recently sat down with Executive Mosaic reporter Summer Myatt to discuss supply chain dynamics. Ms. Iversen most recently served as Director of Risk Assessment and Operational Integration at the U.S. Department of Defense (DOD). One of the key areas of focus for Ms. Iversen will be leading supply chain risk management engagements for the Firm’s clients.
This is an excerpt of the full interview, which can be found on GovCon Wire.
GovCon Wire: Supply chains have been in the spotlight in the last few years. Tell me about the current supply chain threats facing the nation.
Chad Sweet: I think it boils down to three components that have only continued to evolve in Washington. It’s ironic, given that we’ve just gone through an election, but there are very few issues today that are truly bipartisan because of the polarized political climate. However, supply chain security is one area that has seen broad agreement on both sides of the aisle.
If you look back from Trump 1.0 to Biden 1.0, and now to Trump 2.0, you’ll notice more continuity than change. Both sides have focused on three primary areas regarding supply chains: security, resiliency and industrial policy goals.
Security involves ensuring that we address vulnerabilities in the supply chains, particularly in the defense industrial base or what DHS refers to as critical infrastructure and key resources, or CIKR. This means preventing adversaries from exploiting hardware, software or other inputs for purposes like espionage or pre-conflict reconnaissance. It also ensures that we’re preventing adversaries from becoming our suppliers of critical technologies and supplies.
Resiliency focuses on minimizing the impact of disruptions, whether they’re caused by natural disasters or man-made events. For example, U.S. tariffs have been a major concern for government contractors. They must consider how tariffs, and the retaliatory actions from other countries, might affect their supply chains. A recent example is the Biden administration tightening export control restrictions on advanced semiconductors and fabrication equipment to China. In response, China restricted access to three critical minerals: gallium, germanium and ammonium.
This is a glimpse of what could happen in the future. Government contractors must assess not just their first-tier suppliers’ exposure to these restrictions but also their second and third-tier suppliers. The cascading effects of these disruptions could significantly impact operations. From a competitive perspective, contractors who secure alternative sources of critical minerals quickly — before demand skyrockets — can gain a significant advantage. Proactively inventorying these alternative sources can provide the resilience needed to withstand such challenges.
The third area, industrial policy goals, pertains to recent legislation emphasizing domestic content and production. For instance, the Inflation Reduction Act and other measures include “Buy American, Build American,” or BABA, requirements. Government contractors must ensure they meet these domestic production standards to comply with contracting regulations. This includes assessing whether they have sufficient domestic content to fulfill these requirements.
In summary, supply chain security today revolves around these three areas: ensuring security against adversarial threats, building resiliency to withstand disruptions and aligning with industrial policy goals to remain competitive and compliant. These priorities continue to evolve with each administration, underscoring their importance for government contractors.
GCW: What are some of the trends and opportunities you’re seeing emerge in the supply chain sector?
Sweet: For the longest time, a lot of this has been viewed as a cost center for government contractors — and, frankly, in the commercial sector as well. There’s a great risk historian who teaches at Wharton and advises the insurance industry, Nassim Taleb, who has written about black swan events, which refer to six sigma statistical anomalies. These events are happening more and more frequently.
He advocates for a concept beyond resilience. Resilience means being able to restore your operations, but his argument is that in a world with increasing black swan events, cybersecurity threats and supply chain disruptions, organizations need to adopt an anti-fragile position.
Anti-fragility means assuming you will be disrupted and not just aiming to restore operations but doing so faster than your competitors. It’s about being proactive — acting without waiting for the government to ask — and positioning yourself as the reliable partner. When competitors are down, you’re up, providing continuous support and operations. This is especially critical in the government contracting community, where contractors often deliver life-dependent services and technologies, particularly in the national security sector.
At the end of the day, organizations that adopt this mindset are leading the way. They’re not just checking boxes for supply chain compliance but actively conducting self-evaluations and participating in supply chain disruption exercises that go beyond the technical level. For example, five years ago, boards weren’t conducting cyber exercises. Now, that’s changing.
We’ve seen disruptions like the CrowdStrike incident, which impacted both government entities and numerous commercial enterprises. In some cases, one company was able to recover quickly, while another struggled. A good example was in the transportation sector. Some airlines adopted a more anti-fragile approach and gained a competitive advantage. When their competitors’ passengers couldn’t get ticketed due to disruptions, those customers turned to airlines which were able to ticket and fly. It was a recent real-world example of how being anti-fragile isn’t just about being defensively resilient — it’s about using it to go on the offense to win market share.
We’re seeing the same shift in the government contracting space. Contractors are working to make themselves more resilient and applying that knowledge to help government agencies become anti-fragile. This is particularly exciting, as these agencies often handle life-protecting missions. We’re proud to be part of that effort.
Michele Iversen: Working with companies to build product assurance into their supply chains is a significant opportunity. Supply chain issues were really highlighted during Covid, although the government had been focusing on them even before that. The pandemic exposed critical risks, whether related to resilience or dependence on countries that may choose to stop selling to us or disrupt our supply chains.
Now, we have the opportunity to help companies illuminate their supply chains and strengthen them. This includes ensuring resilience and identifying risks — whether it’s a sanctioned company, operational challenges like natural disasters or vulnerabilities from a supplier two or three layers deep in the supply chain that is not readily visible Lastly, you might think you have redundant suppliers but once you get three or four layers deep you may find that you’re single-threaded without realizing it.
By identifying these risks early, we can help companies mitigate them and build stronger product and supply chain assurance. This allows corporate leadership to provide confidence to their customers and to the government, ensuring they remain reliable and secure when needed.
Link to full interview.
In coordination with Exiger, The Chertoff Group has developed the Supply Chain Assurance Playbook, a proven and scalable process that identifies, assesses, and remediates risks in hardware and software products and supply chains. The solution is widely applicable across the public and commercial markets, enabling organizations to combat growing Foreign Ownership Control or Influence (FOCI) exposure, counter forced labor in supplier networks, demonstrate product integrity, and proactively comply with emerging regulations related to product and supply chain security. Rapidly becoming the industry standard, the Playbook eliminates impediments to public-private collaboration, facilitating trust and transparency.
