As digital ecosystems grow more complex, the security of third-party relationships has become one of the most urgent—and opaque—risk domains for CISOs. High-impact breaches increasingly originate from vendors, open-source dependencies, or service providers that operate beyond the organization's direct control. This session will explore how security leaders are adapting governance frameworks, assessment models, and response strategies to contend with evolving supply chain threats. Together, we’ll examine the balance between business agility and risk management in environments where trust is both necessary and dangerous.

Discussion Points:

• Prioritizing and segmenting third-party risk across complex digital ecosystems

• Building visibility and accountability into vendor relationships and dependencies

• Defining and executing effective response plans for supply chain incidents