Episode 70 — Monitor and Review Supply Chain Risks as Dependencies and Threats Change
This episode teaches how to monitor and review supply chain risks as dependencies and threats change, because ISSMP expects leaders to manage supply chain risk as a living program that adapts to new integrations, service changes, and evolving attacker behavior. You will learn how to establish review triggers such as vendor scope expansion, new data types, subcontractor changes, incidents, audit findings, regulatory shifts, and material business initiatives that alter dependency criticality. Scenarios include a vendor adding new regions for data processing, a supplier experiencing repeated outages, or a partner introducing a new API that changes access boundaries, showing how review routines prevent risk drift. Best practices include tiered monitoring, recurring evidence checks, integrating supply chain metrics into enterprise reporting, and ensuring remediation and escalation paths remain clear. Produced by BareMetalCyber.com, where you’ll find more cyber audio courses, books, and information to strengthen your educational path.