Sign up to save your podcasts
Or
Share 3347: Bitsight on the Hidden Risks Inside Global Supply Chains
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
3347: Bitsight on the Hidden Risks Inside Global Supply Chains
When we talk about cybersecurity, it's often easy to think in terms of firewalls, passwords, and high-profile breaches. But what happens when the vulnerability isn't within your own systems but somewhere deep in your third or fourth-tier supply chain? In this episode, I spoke with Ben Edwards from Bitsight about the unseen infrastructure propping up much of the global digital economy and the new risks emerging from it.
Our conversation begins by challenging the assumption that larger technology providers are automatically safer. Bitsight's research reveals that scale often introduces complexity and a larger attack surface, which can make it even harder to stay secure. In fact, UK supply chains are now around 10 percent larger than the global average, reflecting a more advanced digital economy but also introducing more room for hidden weaknesses.
One of the most sobering parts of the discussion focused on geopolitics. Around 30 percent of UK and US supply chains rely on Chinese military-linked companies like Huawei and China Telecom. That's not just a cybersecurity concern. It's a geopolitical time bomb. Ben broke down the ripple effects that potential restrictions or bans could have, including costs, infrastructure overhauls, and widespread operational disruption.
Then there are the "hidden pillars," smaller vendors like Aptiv and Yardi, which may not be household names but play disproportionately influential roles in sectors like aerospace, education, and real estate. Their obscurity makes them dangerous single points of failure, especially when regional dependencies form without anyone noticing.
The bottom line? End-to-end supply chain visibility remains elusive. Shadow IT, employee workarounds, and a constantly shifting tech landscape mean organizations must approach cybersecurity as an ongoing process, not a checklist. Ben urges companies to continually assess the criticality of their providers and, just as importantly, understand their own role in others' ecosystems.
If you're curious about how internet balkanization, AI, and outsourcing are shaping the next phase of cybersecurity strategy, this episode will give you a lot to think about. Y
View all episodes
By Neil C. Hughes
5
198198 ratings
When we talk about cybersecurity, it's often easy to think in terms of firewalls, passwords, and high-profile breaches. But what happens when the vulnerability isn't within your own systems but somewhere deep in your third or fourth-tier supply chain? In this episode, I spoke with Ben Edwards from Bitsight about the unseen infrastructure propping up much of the global digital economy and the new risks emerging from it.
Our conversation begins by challenging the assumption that larger technology providers are automatically safer. Bitsight's research reveals that scale often introduces complexity and a larger attack surface, which can make it even harder to stay secure. In fact, UK supply chains are now around 10 percent larger than the global average, reflecting a more advanced digital economy but also introducing more room for hidden weaknesses.
One of the most sobering parts of the discussion focused on geopolitics. Around 30 percent of UK and US supply chains rely on Chinese military-linked companies like Huawei and China Telecom. That's not just a cybersecurity concern. It's a geopolitical time bomb. Ben broke down the ripple effects that potential restrictions or bans could have, including costs, infrastructure overhauls, and widespread operational disruption.
Then there are the "hidden pillars," smaller vendors like Aptiv and Yardi, which may not be household names but play disproportionately influential roles in sectors like aerospace, education, and real estate. Their obscurity makes them dangerous single points of failure, especially when regional dependencies form without anyone noticing.
The bottom line? End-to-end supply chain visibility remains elusive. Shadow IT, employee workarounds, and a constantly shifting tech landscape mean organizations must approach cybersecurity as an ongoing process, not a checklist. Ben urges companies to continually assess the criticality of their providers and, just as importantly, understand their own role in others' ecosystems.
If you're curious about how internet balkanization, AI, and outsourcing are shaping the next phase of cybersecurity strategy, this episode will give you a lot to think about. Y
More shows like Tech Talks Daily
View all
This Week in Startups
1,287 Listeners
The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch
537 Listeners
WSJ Tech News Briefing
1,640 Listeners
The a16z Show
1,090 Listeners
HBR IdeaCast
164 Listeners
Gartner ThinkCast
111 Listeners
Super Data Science: ML & AI Podcast with Jon Krohn
303 Listeners
NVIDIA AI Podcast
334 Listeners
DataFramed
269 Listeners
Practical AI
207 Listeners
All-In with Chamath, Jason, Sacks & Friedberg
9,920 Listeners
Hard Fork
5,509 Listeners
Business Breakdowns
349 Listeners
Latent Space: The AI Engineer Podcast
93 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
608 Listeners
Consulting the Future
0 Listeners
Startup Builders & Backers
0 Listeners
IT Infrastructure as a Conversation
0 Listeners
AI at Work
0 Listeners
The Business of Cybersecurity
0 Listeners
Business Technology Perspectives
0 Listeners
Conversations from the Show Floor
0 Listeners