Image: NOIRLab/NSF/AURA/T. Slovinský
Story by Alea Marks & Dianna ONeill
The second episode of Interos’s executive insights series, “Voices of Innovation,” explored how AI is enhancing digital supply chain cybersecurity – with former CISA Chief of Staff Kiersten E. Todt calling the issue an “urgent challenge.”
“The AI Revolution in Supply Chain Cyber Defense” discussion between Todt and Dave DeWalt, founder and CEO, NightDragon, comes against a backdrop of soaring software supply chain attacks that make today’s complex digital ecosystems acutely vulnerable to breaches, attacks, failures and other cascading disruptions.
Here are five key takeaways from their conversation:
1- Understanding and Managing Supply Chain Risk
The rise in software supply chain attacks has highlighted persistent and costly risks in interconnected digital supply chains, particularly as cybercriminals exploit vulnerabilities in third-party software components. Gartner projects that by 2025, 45% of global organizations will have experienced a supply chain attack, which is three times higher than in 2021.
Todt stressed the need for visibility and transparency in managing latent third-party vulnerabilities:
“I do think it’s one of the most urgent challenges to be addressed because we don’t know all the interdependencies [that exist] and we have to have greater visibility into all of the touchpoints that we have. Understanding our third-party risk, understanding where third-party supplier vendors are not as strong or resilient as we need them to be, is critical.”
Recent data shows that 61% of businesses have been impacted by supply chain attacks in the past year, highlighting the extensive attack surface and the urgent need for proactive measures. AI-driven intelligence – which has the power to continuously monitor supply chain lifecycle risk at scale – is vital amid these realities.
2- Government and Industry Partnership
The collaboration between government and industry has led to approaches like Secure by Design, which emphasizes integrating security measures into the development process from the beginning, rather than adding them later, and ensuring a careful balance between security and innovation:
“The prioritization of security over getting something out there is what needs to happen. Secure innovation doesn’t have to be an oxymoron,” Todt said. “If we think about cybersecurity, progress is security, it is safety. That is the principle […] that we’ve seen from the government leaders, but importantly as partners with industry, that we’ve seen prioritized.”
3- Opportunity Over Sophistication
DeWalt noted the importance of identifying “choke points” in the supply chain, as demonstrated by third-party cyber vendor incidents in companies like Change Healthcare and auto dealership software company CDK. Todt emphasized that risk is often about opportunity rather than sophistication:
“When you look at Colonial Pipeline, that company for all we know was not targeted because it was transferring 45 percent of fuel along the East Coast, it was targeted because it didn’t use multifactor authentication and in a broad sweep its vulnerabilities percolated to the top. A lot of this activity is just looking for where the vulnerabilities are. It’s so important to appreciate not just where they are, but what do you need to function? What do you need to be efficient? What does your supply chain and your manufacturing process need to actually operate?”
Interos Watchtower™: The Necessary Visibility
DeWalt emphasized the complexity of global supply chains, where today’s large enterprises can easily maintain tens of thousands of suppliers across their extended global networks. Identifying and understanding supplier risk across these interdependent ecosystems is crucial, and new technology such as Interos Watchtower™ utilizes AI to continuously map and monitor relationships across the risk lifecycle to help enterprises mitigate supplier failures before they escalate to crisis.
By leveraging AI and real-time critical risk intelligence, companies can enhance their resilience against cyber, regulatory, ESG, and other threats, ensuring that their digital supply chains remain secure and efficient.
Enabling the Future with AI Supply Chain Intelligence
AI technologies are revolutionizing supply chain security by enabling advanced analytics and real-time risk detection, monitoring, and other advantages. These capabilities allow organizations to anticipate potential supply chain disruptions, mitigate threats rapidly, and optimize resource allocation.