Best Practices for Managing Software Supply Chains


Summary

Managing software supply chains effectively means identifying and mitigating risks associated with third-party software, open-source tools, and AI systems to ensure security, compliance, and operational stability. By adopting structured plans and proactive measures, organizations can safeguard their systems from vulnerabilities and avoid costly disruptions.

  • Conduct thorough vendor assessments: Evaluate third-party providers by reviewing their security practices, regulatory compliance, and potential risks before engagement, and ensure contracts include clear accountability measures.
  • Implement continuous monitoring: Regularly audit software updates, monitor dependencies, and track potential risks across the software lifecycle to maintain security and performance standards.
  • Develop integrated risk management plans: Establish system-level frameworks, such as System Security Plans (SSP) and Cybersecurity Supply Chain Risk Management Plans (C-SCRM), to address evolving threats and regulatory requirements effectively.
Summarized by AI based on LinkedIn member posts
  • View profile for Patrick Sullivan

    VP of Strategy and Innovation at A-LIGN | TEDx Speaker | Forbes Technology Council | AI Ethicist | ISO/IEC JTC1/SC42 Member

    10,243 followers

    ☢️Manage Third-Party AI Risks Before They Become Your Problem☢️

    AI systems are rarely built in isolation as they rely on pre-trained models, third-party datasets, APIs, and open-source libraries. Each of these dependencies introduces risks: security vulnerabilities, regulatory liabilities, and bias issues that can cascade into business and compliance failures. You must move beyond blind trust in AI vendors and implement practical, enforceable supply chain security controls based on #ISO42001 (#AIMS).

    ➡️Key Risks in the AI Supply Chain

    AI supply chains introduce hidden vulnerabilities:
    🔸Pre-trained models – Were they trained on biased, copyrighted, or harmful data?
    🔸Third-party datasets – Are they legally obtained and free from bias?
    🔸API-based AI services – Are they secure, explainable, and auditable?
    🔸Open-source dependencies – Are there backdoors or adversarial risks?

    💡A flawed vendor AI system could expose organizations to GDPR fines, AI Act nonconformity, security exploits, or biased decision-making lawsuits.

    ➡️How to Secure Your AI Supply Chain

    1. Vendor Due Diligence – Set Clear Requirements
    🔹Require a model card – Vendors must document data sources, known biases, and model limitations.
    🔹Use an AI risk assessment questionnaire – Evaluate vendors against ISO42001 & #ISO23894 risk criteria.
    🔹Ensure regulatory compliance clauses in contracts – Include legal indemnities for compliance failures.
    💡Why This Works: Many vendors haven’t certified against ISO42001 yet, but structured risk assessments provide visibility into potential AI liabilities.

    2. Continuous AI Supply Chain Monitoring – Track & Audit
    🔹Use version-controlled model registries – Track model updates, dataset changes, and version history.
    🔹Conduct quarterly vendor model audits – Monitor for bias drift, adversarial vulnerabilities, and performance degradation.
    🔹Partner with AI security firms for adversarial testing – Identify risks before attackers do. (Gemma Galdon Clavell, PhD, Eticas.ai)
    💡Why This Works: AI models evolve over time, meaning risks must be continuously reassessed, not just evaluated at procurement.

    3. Contractual Safeguards – Define Accountability
    🔹Set AI performance SLAs – Establish measurable benchmarks for accuracy, fairness, and uptime.
    🔹Mandate vendor incident response obligations – Ensure vendors are responsible for failures affecting your business.
    🔹Require pre-deployment model risk assessments – Vendors must document model risks before integration.
    💡Why This Works: AI failures are inevitable. Clear contracts prevent blame-shifting and liability confusion.

    ➡️Move from Idealism to Realism

    AI supply chain risks won’t disappear, but they can be managed. The best approach?
    🔸Risk awareness over blind trust
    🔸Ongoing monitoring, not just one-time assessments
    🔸Strong contracts to distribute liability, not absorb it

    If you don’t control your AI supply chain risks, you’re inheriting someone else’s. Please don’t forget that.

  • View profile for Victoria Beckman

    Associate General Counsel - Cybersecurity & Privacy

    31,549 followers

    The National Institute of Standards and Technology (NIST) has released the draft publication “Developing Security, Privacy, and Cybersecurity Supply Chain Risk Management Plans for Systems” open for public comment until July 30. The document provides a structured approach for organizations to develop and maintain integrated plans that address security, #privacy, and #supplychain risks across the entire system lifecycle.

    It introduces a framework built around three interrelated plans:
    - System Security Plan (SSP): Documents the system’s security controls and requirements.
    - System Privacy Plan (SPP): Identifies and addresses privacy risks and applicable controls.
    - #Cybersecurity Supply Chain Risk Management Plan (C-SCRM): Focuses on managing risks related to third-party software, hardware, services, and suppliers.

    The guidance also outlines how organizations can:
    - Define roles and responsibilities for developing and maintaining these plans.
    - Document key system characteristics, including data flows, interconnections, and system boundaries.
    - Align each plan with organizational risk tolerance, operational needs, and regulatory requirements.
    - Establish update procedures to keep plans current with evolving threats and technology.
    - Track changes and maintain documentation using automation and configuration management tools.
    - Address supply chain risks in modern IT environments, including cloud, open-source, and hybrid systems.

    This draft is intended to help organizations bring greater consistency and integration to system-level planning and risk management efforts.

  • View profile for AD E.

    GRC Visionary | Cybersecurity & Data Privacy | AI Governance | Pioneering AI-Driven Risk Management and Compliance Excellence

    10,141 followers

    Third-Party Risk Management (TPRM) in #GRC— As organizations increasingly rely on vendors, contractors, and service providers, third-party risk management (TPRM) has become a critical part of GRC programs. Poor vendor management can expose companies to data breaches, regulatory penalties, and operational disruptions.

    1. TPRM
    • Regulatory Compliance: Frameworks like PCI DSS, GDPR, and ISO 27001 require organizations to assess and monitor third-party risks.
    • Vendors often manage critical business functions, so disruptions in their processes directly impact your operations.
    • A vendor breach could tarnish your brand and lead to legal or financial penalties.

    2. TPRM Lifecycle
    • Assess vendor security practices before engagement (e.g., security questionnaires, contract reviews).
    • Identify risks specific to the vendor (e.g., data handling practices, access to systems).
    • Continuously monitor vendor performance and compliance through audits, reporting, and SLAs.
    • Ensure proper data disposal and de-provisioning of access after vendor offboarding.

    3. Frameworks / best practices
    • NIST SP 800-161 focuses on supply chain risk management for federal systems.
    • ISO 27001/27036 provides guidance on third-party security requirements.
    • Shared Assessments Program offers standardized tools like SIG (Standardized Information Gathering) for vendor assessments.

    4. Key Tools
    • Vendor management platforms like OneTrust, BitSight, or Prevalent help automate risk assessments and ongoing monitoring.
    • Use third-party security ratings to assess vendor vulnerabilities in real time.

    5. Building strong TPRM programs
    • Establish clear policies and procedures for vendor risk management.
    • Conduct periodic risk assessments and ensure vendors comply with applicable regulations.
    • Collaborate with stakeholders across procurement, legal, IT, and compliance teams.

    TPRM integrates seamlessly into GRC.

  • View profile for Ken Huang

    AI Book Author |Speaker |DistributedApps.AI |OWASP Top 10 for LLM Co-Author | NIST GenAI Contributor| EC-Council GenAI Security Instructor | CSA Fellow | CSA AI Safety WGs Co-Chair

    23,201 followers

    In this CSO Online post, I addressed Agentic AI supply chain risk, which is one of the top risks we cover at the OWASP AIVSS project (aivss.owasp.org). For some high-level mitigations, I listed the following:

    - Vibe coding risk mitigation: Enforce manual review of AI-generated code and dependencies with CI/CD SAST pipeline. Verify all AI suggestions, especially package names and frameworks.
    - MLBOM and AIBOM: Create inventories of datasets, models, and code dependencies for transparency and traceability of AI assets and supply chain integrity.
    - Continuous scanning and monitoring: Integrate model and dependency scanners into CI/CD pipelines and monitor for anomalous behaviors after deployment.
    - Zero trust and least privilege: Treat third-party AI assets as untrusted, sandbox new models and agents, and restrict AI agent permissions.
    - Policy alignment: Update existing software supply chain security policies to cover AI platforms and address AI-specific risks including vibe coding.

    Thanks Lucian Constantin for the article, Kristina Rundquist for the opportunity to contribute.
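
One way to turn the "verify package names" step from the list above into a CI gate. This is an added example, not code from the post, the CSO Online article or the OWASP AIVSS project; the allowlist, the function names and the sample requirements file are all constructed for illustration.

```python
"""CI gate: flag dependencies that are not on the reviewed allowlist."""
import difflib
import re

# Assumption: the team maintains a reviewed allowlist (constructed sample).
APPROVED = {"requests", "numpy", "cryptography", "pyyaml"}

# Constructed sample: a requirements file as an AI assistant might propose it.
SAMPLE_REQUIREMENTS = """\
requests==2.32.3
numpy>=1.26
reqeusts==2.31.0   # look-alike of an approved name
fastjsonx==0.1.0   # unknown package, needs human review
Crypto_graphy==42.0.0
"""

def normalize(name):
    # PEP 503 normalization: case-insensitive, runs of - _ . are equivalent.
    return re.sub(r"[-_.]+", "-", name).lower()

def parse_names(text):
    names = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        m = re.match(r"[A-Za-z0-9][A-Za-z0-9._-]*", line)
        if m:
            names.append(normalize(m.group(0)))
    return names

def review(text, approved=APPROVED):
    approved_norm = {normalize(a) for a in approved}
    findings = []
    for name in parse_names(text):
        if name in approved_norm:
            continue
        # A near miss of an approved name is more suspicious than a new name.
        near = difflib.get_close_matches(name, approved_norm, n=1, cutoff=0.8)
        if near:
            findings.append((name, "lookalike", near[0]))
        else:
            findings.append((name, "unreviewed", None))
    return findings

if __name__ == "__main__":
    for name, kind, near in review(SAMPLE_REQUIREMENTS):
        print(f"BLOCK {name}: {kind}" + (f" (close to {near})" if near else ""))
```

A non-empty result from `review` would fail the pipeline and route the change to manual review; a name is added to the allowlist only after a human has confirmed the package exists and is the intended one.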
