What is the Future of Supply Chain Cybersecurity?

Rex Booth, CISO at SailPoint, explores the development of high-profile cyberattacks, alongside the solution required to build supply chain cyber resilience

As cyber attacks increasingly threaten global supply chains, business leaders are, unsurprisingly, placing greater emphasis on cybersecurity.

At the same time, AI agents, bots and machine identities are becoming core to day-to-day operations, often outnumbering human users across enterprise networks.

Balancing who has access to a network and how best to protect digital operations is now vital to business resilience.

With more than two decades of experience in cybersecurity, Rex Booth, CISO at SailPoint, has witnessed first-hand how security tactics have evolved.

Here, Rex explores the shifting environment of cyber risk and how modern security depends on automation and AI.

If Scattered Spider retires but cyber threats don’t, what really needs to change now?

Ultimately, whether one group of criminals retires or not doesn’t really matter to the victims.

Cyber threats and digital crime are opportunity-driven – if one gang steps aside, a new one will eagerly take their place. That’s why we need to change our focus and look at prevention more than personalities.

You can have the best tech in the world, but without user vigilance it’s redundant. With all the buzz around nation-state threats, it can be easy to forget that sometimes our vulnerabilities are much closer to home. It’s imperative that businesses prioritise training initiatives and simulations for employees, who are the first line of defence against social engineering attacks. 

What would you say locks the digital doors tighter against rising crime?

You need both elements running alongside each other if you’re going to keep bad actors locked out. Prevention requires social intervention as much as it requires technological fortifications. 

Businesses should absolutely be using tech that automates processes like threat detection and remediation. However, a culture where employees feel empowered to pause and question unusual requests for credentials has to run alongside that. 

Organisations can use identity security tools to support cyber training programmes, so they become more targeted and personalised based on individual need. These tools can help to identify high-risk employees who would benefit most from cyber training by aggregating and analysing user data: for example, employees with multi-factor authentication (MFA) disabled, employees that frequently access sensitive data, or users with frequent failed login attempts.

With cyber gangs sharing playbooks, how can CISOs stay one step ahead?

Recently, we saw Shiny Hunters borrow social engineering tactics from Scattered Spider and it’s not an isolated incident. Gangs trade knowledge, tactics, tools and even people. 

Plus, ransomware-as-a-service has erased many technical barriers and made cybercrime accessible to anyone with time, a laptop and an internet connection.

Crime now moves faster, enabled by easy access to knowledge and capabilities.

All this sharing means two things: attacks are going to get more frequent and the results will be less predictable. CISOs looking to stay one step ahead need to be great strategists, not just technologists. 

Keeping crime out means securing buy-in from the wider business – getting them to view security as an enablement function. 

Traditionally, security has been viewed as the department of ‘no’, but we’re not just here to block things. If we’re going to keep things safe, we need our stakeholders to understand we’re collaborators, not obstacles. 

How is AI-powered identity security rewriting the rules for stopping social engineering attacks?

There's a tremendous opportunity to leverage AI against social engineering. It’s especially great at observing patterns and spotting anomalies. 

For instance, an employee that’s attempting to log in at an unusual time or location. AI-powered security tools can identify and assess risk and then remediate it instantaneously, by triggering extra verification or blocking access altogether.

Next-gen security tools are powering the transition to ‘adaptive identity’ – where identities are managed in a dynamic, rather than a static way, based on real-time context and user behaviour.

Ultimately, securing all users, applications and data has become a task that’s transcended the ability for humans to accomplish alone. 

AI-powered identity security can spot subtle threats that humans might miss. 
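The risk signals named earlier for targeted training (MFA disabled, frequent sensitive-data access, frequent failed logins) and the adaptive response to an unusual login (extra verification or an outright block), as an added Python example that is not SailPoint's code or the interviewee's own. The weights, thresholds and the sample user records are constructed assumptions for illustration.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class UserProfile:
    user: str
    mfa_enabled: bool
    usual_countries: frozenset  # countries the user normally signs in from
    usual_hours: range          # local hours the user normally works, e.g. range(8, 19)
    sensitive_reads_7d: int     # reads of data classed as sensitive, last 7 days
    failed_logins_7d: int       # failed sign-ins, last 7 days

@dataclass(frozen=True)
class LoginAttempt:
    country: str
    at: datetime                # assumed to be in the user's local time zone

def training_priority(p: UserProfile) -> int:
    """Aggregate the three signals the interview names; weights are illustrative assumptions."""
    score = 0
    if not p.mfa_enabled:               # MFA disabled
        score += 3
    if p.sensitive_reads_7d >= 20:      # frequent access to sensitive data
        score += 2
    if p.failed_logins_7d >= 5:         # frequent failed login attempts
        score += 2
    return score

def ranked_for_training(profiles):
    """Users who would benefit most from targeted training come first."""
    return sorted(profiles, key=training_priority, reverse=True)

def adaptive_decision(p: UserProfile, attempt: LoginAttempt) -> str:
    """Adaptive identity: standing profile score plus real-time context -> allow / step_up / block."""
    risk = training_priority(p)
    if attempt.country not in p.usual_countries:   # unusual location
        risk += 3
    if attempt.at.hour not in p.usual_hours:       # unusual time of day
        risk += 2
    if risk >= 8:
        return "block"                  # deny outright
    if risk >= 3:
        return "step_up"                # trigger extra verification
    return "allow"

# Constructed sample records for a stand-alone run; not real user data.
PROFILES = {
    "alice": UserProfile("alice", True, frozenset({"GB"}), range(8, 19), 2, 0),
    "bob": UserProfile("bob", False, frozenset({"GB"}), range(8, 19), 25, 6),
    "carol": UserProfile("carol", True, frozenset({"GB", "US"}), range(8, 19), 30, 1),
}
```

A user with a weak standing profile gets extra verification even from a familiar location, and is blocked only when an unusual location and time stack on top of it.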

As a former White House advisor, what prevention move would you make mandatory across critical sectors today?

Every organisation – not just those in critical sectors – has got to get its machine identities and AI agents under control.

In order to reap the benefits of AI, organisations are either leveraging the speed of an agent or granting them broad permissions – often it’s both. That combination of speed and permissions can lead to disaster when left uncontrolled.  

As things stand, AI agents are running riot – with 80% of organisations reporting that their AI agents have already performed unauthorised actions, including accessing and sharing sensitive information. This is more than a security concern; it’s a business risk.

Regulators are paying attention not just to the organisations they directly oversee, but also to the broader supply chain. And rightfully so. We’ve seen third party risk manifest into multi-million-pound losses across various industries.

If organisations want to avoid risk and prevent an ‘identity explosion’, they need to introduce technology that governs AI agent access rights in the same way they would humans. 

That’s particularly important for critical sectors because they deal with huge volumes of sensitive and privileged data. 

Identities – be they human, machine or AI – must be managed effectively.