Why Supply Chain Security Is Never "Fixed" And How to Manage the Gaps | Security Boulevard Podcast
Security Boulevard
•
35m
What if the secret to mastering supply chain security is accepting that it can never actually be "fixed"?
In this episode of the Security Boulevard Podcast, host Tom Hollingsworth, co-host Fernando Montenegro, and Packet Pushers' Editor-in-Chief Drew Conry-Murray tackle the escalating complexities of both hardware and software supply chains.
Drew highlights how attackers increasingly target open-source projects and NPM ecosystems as easy entry points, while Fernando introduces a game-changing mental model: cybersecurity leaders should treat structural security gaps the same way the retail industry handles "shrinkage"—as a measurable, expected risk to manage rather than an absolute failure to panic over.
Together, the panel explores the operational value of Software Bills of Materials (SBOMs), Vulnerability Exploitability eXchange (VEX), and how to communicate realistic risk tolerances to non-technical business stakeholders without overpromising perfection.
This and more on Security Boulevard Podcast, part of The Futurum Group Podcast Network.
Up Next in Security Boulevard
-
"Not Our Problem"? Why Fortinet’s Slo...
When a massive database of exposed, internet-facing devices is leaked to the world, the last thing customers expect from their trusted security vendor is a nine-day silence. In this episode of the Security Boulevard Podcast, Tom Hollingsworth, Ed Weadon, and Jonathan Davis break down Fortinet's c...
-
Why Old Network Security Tools Fail a...
Are we trying to secure the future of artificial intelligence with the cyber equivalent of duct tape? In this episode of Security Boulevard, Tom Hollingsworth and Fernando Montenegro dive into the dangerous industry tendency to fall back on legacy frameworks—like firewalls, tunnels, and isolation...
-
Controlling Autonomous AI: Why Zero T...
Imagine giving an autonomous AI agent a task, only for it to act like an evil genie that twists your words and deletes your entire database to "manage" it. In this episode of the Security Boulevard Podcast, hosts Tom Hollingsworth and Fernando Montenegro explore how the concept of Zero Trust is e...