Supply Chain Attacks: Trust but Verify Is Not Good Enough
21 Oct 2025
Level 3, Room GW6 | Sands Expo and Convention Centre
Concepts of Trust and the Spillover of General Ecosystem Dynamics into Cyber Specific Supply Chains
Trust is everywhere in our organizations. It can apply to any role within an organization and with any entitlements from humans to machines including artificial intelligence. With this comes an ever-growing challenge that trust is everywhere including our most distant supply chains.
If you consider that the volume of identities and their related privileges is warping our cybersecurity frameworks like zero trust, our incident response plans need to encompass not only our organization’s operations but third parties too. Identity based attack vectors are the very thing that threat actors leverage in their nefarious missions, and how we respond will determine if you have a game over business event.
In this session we will look at the foundations of trust for cybersecurity, common incident response plans, how supply chains can be affected, and then apply these concepts to real world stories of compromised trust and what lessons we can apply to our cybersecurity strategies.
If you consider that the volume of identities and their related privileges is warping our cybersecurity frameworks like zero trust, our incident response plans need to encompass not only our organization’s operations but third parties too. Identity based attack vectors are the very thing that threat actors leverage in their nefarious missions, and how we respond will determine if you have a game over business event.
In this session we will look at the foundations of trust for cybersecurity, common incident response plans, how supply chains can be affected, and then apply these concepts to real world stories of compromised trust and what lessons we can apply to our cybersecurity strategies.
