Does supply chain security require AI, blockchain or process analytics?

Security Strategy & Roadmap Machine Learning (ML)

1.9k views6 Comments

Sort by:

CEO in Consumer Goods3 years ago

There's so much complexity here. It doesn't require any one specific tool. From my perspective, it just requires attention, effort, and focus. Everyone's situation is unique and an expert can help build the right strategy around their use case.

Founder & CISO in Education3 years ago

It may or may not. It depends a lot on the maturity and efficiency of these, especially blockchain. Process analytics and AI can definitely help in both analyzing and mitigating the risks associated in the supply chain amd where dependencies emerge. It is always helpful to be aware of Third party risks and being able to have visibility on them.

Director, Security Operations in Telecommunication3 years ago

While there may be value on Blockchain and AI, these are underlying capabilities that would be built into related solutions. Unfortunately, today with many organizations, there are the basis "blocking and tackling" controls/solutions that first need to be put in place and sometimes I feel like people have a tendency to run to the latest and greatest shiny object rather than addressing the basics first.

CIO/CISO in Healthcare and Biotech3 years ago

Blockchain-level security is certainly solid but block processing times make this inefficient. With the near rise of quantum cryptography and the announcement of these standards by NIST, this will solve the processing and entropy challenges of traditional controls. Process mining is more reactive as a way to to detect anomalous access behavior.

CISO in Software3 years ago

They are certainly an approach that some may choose to take, but not mandatory and not proven (yet) in this emerging space.

Content you might like

We are on the cusp of conducting a pilot of AI tooling - we intend to use Gemini & CoPilot, providing training, guidance & policy to our user group. Before we start we should conduct a risk assessment - my question is: can you recommend a tool or template?

Do you think AI technology will take away jobs?

Yes51%

No (instead creates opportunities)39%

Neutral10%

View Results

Ransomware negotiator Retainer? Do you currently hold a retainer with a ransomware negotiator consulting firm? If so any recommendations?

How are you addressing technical debt risk resulting from AI coding tools? Have you established specific processes to manage vulnerabilities in AI-generated code, and are you collaborating with software engineering or other teams using these tools?

How does your organization handle security team involvement in change requests submitted to CAB/RAB — specifically in relation to formal security review and approval?

Always required – Security must formally review and approve every change request.11%

Required for security-impacting changes – Security reviews only changes flagged as having potential security implications. Please comment : Who decides which changes require security review and which do not ? Is this determination manual or automated? How do you avoid gaps or oversights in this process ?82%

Not required – Security does not review changes submitted CAB/RAB by other teams. 7%

Risk-based or automated – Security involvement is determined by a tiered model or automated risk scoring within ITSM.