Despite what security vendors might say, there is no way to comprehensively solve our supply-chain security challenges, posits JupiterOne CISO Sounil Yu. We can only manage them.
In the late 19th century, many large cities faced an unpleasant predicament due to too much horse manure piling up in the streets. Aside from the direct impact of the odors and unsightly excrement, it indirectly poisoned the water supply and accelerated the spread of disease.
There were some ways to mitigate the buildup with shovels and wheelbarrows. Still, the accelerating accumulation of manure from carriage horses was not entirely solvable through the existing technology and methods. Until the introduction of motorized vehicles, cities could not solve this predicament. At best, they could only manage it.
This is more or less the situation we face with the state of supply-chain security today. Declaring supply-chain security to be a problem suggests that there exists a solution. But supply-chain security is not a problem because there are no simple solutions or checklists. There aren’t even complicated solutions.
Rather, it’s a complex and chaotic predicament that today can only be managed. This is not simply a semantic difference. Drawing this distinction allows