Sign up to save your podcasts
Or
Share 3347: Bitsight on the Hidden Risks Inside Global Supply Chains
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
3347: Bitsight on the Hidden Risks Inside Global Supply Chains
When we talk about cybersecurity, it’s often easy to think in terms of firewalls, passwords, and high-profile breaches. But what happens when the vulnerability isn’t within your own systems but somewhere deep in your third or fourth-tier supply chain? In this episode, I spoke with Ben Edwards from Bitsight about the unseen infrastructure propping up much of the global digital economy and the new risks emerging from it.
Our conversation begins by challenging the assumption that larger technology providers are automatically safer. Bitsight’s research reveals that scale often introduces complexity and a larger attack surface, which can make it even harder to stay secure. In fact, UK supply chains are now around 10 percent larger than the global average, reflecting a more advanced digital economy but also introducing more room for hidden weaknesses.
One of the most sobering parts of the discussion focused on geopolitics. Around 30 percent of UK and US supply chains rely on Chinese military-linked companies like Huawei and China Telecom. That’s not just a cybersecurity concern. It’s a geopolitical time bomb. Ben broke down the ripple effects that potential restrictions or bans could have, including costs, infrastructure overhauls, and widespread operational disruption.
Then there are the “hidden pillars,” smaller vendors like Aptiv and Yardi, which may not be household names but play disproportionately influential roles in sectors like aerospace, education, and real estate. Their obscurity makes them dangerous single points of failure, especially when regional dependencies form without anyone noticing.
The bottom line? End-to-end supply chain visibility remains elusive. Shadow IT, employee workarounds, and a constantly shifting tech landscape mean organizations must approach cybersecurity as an ongoing process, not a checklist. Ben urges companies to continually assess the criticality of their providers and, just as importantly, understand their own role in others’ ecosystems.
If you’re curious about how internet balkanization, AI, and outsourcing are shaping the next phase of cybersecurity strategy, this episode will give you a lot to think about. Y
View all episodes
By Neil C. Hughes
5
197197 ratings
When we talk about cybersecurity, it’s often easy to think in terms of firewalls, passwords, and high-profile breaches. But what happens when the vulnerability isn’t within your own systems but somewhere deep in your third or fourth-tier supply chain? In this episode, I spoke with Ben Edwards from Bitsight about the unseen infrastructure propping up much of the global digital economy and the new risks emerging from it.
Our conversation begins by challenging the assumption that larger technology providers are automatically safer. Bitsight’s research reveals that scale often introduces complexity and a larger attack surface, which can make it even harder to stay secure. In fact, UK supply chains are now around 10 percent larger than the global average, reflecting a more advanced digital economy but also introducing more room for hidden weaknesses.
One of the most sobering parts of the discussion focused on geopolitics. Around 30 percent of UK and US supply chains rely on Chinese military-linked companies like Huawei and China Telecom. That’s not just a cybersecurity concern. It’s a geopolitical time bomb. Ben broke down the ripple effects that potential restrictions or bans could have, including costs, infrastructure overhauls, and widespread operational disruption.
Then there are the “hidden pillars,” smaller vendors like Aptiv and Yardi, which may not be household names but play disproportionately influential roles in sectors like aerospace, education, and real estate. Their obscurity makes them dangerous single points of failure, especially when regional dependencies form without anyone noticing.
The bottom line? End-to-end supply chain visibility remains elusive. Shadow IT, employee workarounds, and a constantly shifting tech landscape mean organizations must approach cybersecurity as an ongoing process, not a checklist. Ben urges companies to continually assess the criticality of their providers and, just as importantly, understand their own role in others’ ecosystems.
If you’re curious about how internet balkanization, AI, and outsourcing are shaping the next phase of cybersecurity strategy, this episode will give you a lot to think about. Y
More shows like Tech Talks Daily
View all
HBR IdeaCast
177 Listeners
a16z Podcast
1,036 Listeners
The Twenty Minute VC (20VC): Venture Capital | Startup Funding | The Pitch
519 Listeners
Software Engineering Daily
621 Listeners
The Official SaaStr Podcast: SaaS | Founders | Investors
175 Listeners
The TWIML AI Podcast (formerly This Week in Machine Learning & Artificial Intelligence)
441 Listeners
Fintech Insider Podcast by 11:FS
186 Listeners
Gartner ThinkCast
112 Listeners
Super Data Science: ML & AI Podcast with Jon Krohn
298 Listeners
NVIDIA AI Podcast
331 Listeners
DataFramed
267 Listeners
Practical AI
192 Listeners
Big Technology Podcast
454 Listeners
Business Breakdowns
353 Listeners
The AI Daily Brief (Formerly The AI Breakdown): Artificial Intelligence News and Analysis
491 Listeners