The Hidden Dangers in Your Supply Chain with SecurityScorecard's Aleksandr Yampolskiy
SecurityScorecard CEO Aleksandr Yampolskiy joins Cyber Focus to warn that third-party risk is now the dominant cybersecurity epidemic. With just 150 companies responsible for 90% of the global attack surface, a single compromise can ripple across sectors and continents. He and host Frank Cilluffo explore the cascading risks of software dependencies, fourth- and fifth-party exposure, and the challenges of shadow IT and shadow AI. Yampolskiy outlines where companies fall short on governance and calls for outcome-driven oversight, not just busywork. They also discuss how AI can be both a vulnerability vector and a force multiplier for defense.
Main Topics Covered
• Third-party breaches now account for 65% of cyber incidents globally
• Only 150 companies comprise 90% of the global attack surface
• The risks of shadow IT and "shadow AI" leaking sensitive data
• Systemic vulnerabilities in critical infrastructure like U.S. ports and healthcare
• Limitations of compliance-driven approaches without continuous risk measurement
• The need for clear governance, outcome-oriented metrics, and board-level engagement
Key Quotes
"65% of data breaches today happen through use of a third party. Hackers go after one weak link." — Aleksandr Yampolskiy
"150 companies' products comprise 90% of a global attack surface. So if one of those companies gets compromised, all of a sudden, you can compromise almost everybody." — Aleksandr Yampolskiy
"You can be fully compliant with all the regulations, but not secure. Or you could be really secure but not compliant." — Aleksandr Yampolskiy
"An employee takes [the] general ledger or... some sensitive corporate information, uploads it to ChatGPT—or worse, to [a model] in China—gets a beautiful response, looks like a champion... but then you just leaked sensitive information from a company and nobody knows about it." — Aleksandr Yampolskiy
"Our ability to network has far outpaced our ability to protect networks." — Frank Cilluffo
Relevant Links and Resources
• SecurityScorecard Research
Guest Bio
Aleksandr Yampolskiy is the Co-Founder and CEO of SecurityScorecard, a global leader in cybersecurity ratings and risk management. A former CISO and CTO, he has led the company since 2014 in helping tens of thousands of organizations—including half of the Fortune 100—measure and strengthen their cyber resilience.