The Everything Feed - All Packet Pushers Pods

HS116: Nth-Party Risk May Put You on the (Block) Chain Gang

Nov 11, 2025
Delve into the complexities of nth-party risks, exploring how these risks extend through supplier chains into the digital economy. Learn how agentic AI raises concerns about automated, opaque interactions, complicating risk management further. Discussion includes the potential of blockchain as a vital tool for maintaining auditable records of software updates and the obstacles to its widespread adoption. The hosts also debate whether government mandates or market incentives will effectively drive changes in risk management practices across industries.
INSIGHT

Nth-Party Risk Defined And Illustrated

  • John Burke defines nth-party risk as risks extending from vendors to suppliers-of-suppliers ad infinitum and distinguishes first-to-fourth parties.
  • He cites recent Salesforce breaches as examples of how distant supplier compromises create fourth-party risk for customers.
INSIGHT

Supply Chain Risk Is Often Short-Sighted

  • Supply chain risk is analogous to nth-party risk, but IT teams often focus only on immediate suppliers.
  • John Burke warns most teams don't think far enough into dynamic, rapidly changing supply chains.
ANECDOTE

Supermicro Episode Pushed Supply-Chain Awareness

  • John Attil Johnson recalls the Supermicro controversy as an event that pushed IT to care about hardware supply-chain bugs.
  • He argues SBOMs arose because people started asking what chips and modules are inside devices.