Ransomware and the Supply Chain: A Fireside Chat with the CISOs Who Literally Wrote the Book on Third-Party Risk

January 20th, 2026 @ 11 AM EST

Ransomware risk no longer sits within the boundaries of a single organization. More than 61% of incidents now originate through third-party suppliers, service providers, or software partners — meaning an organization’s resilience is directly tied to the resilience of its broader ecosystem.

This fireside chat brings together Matt Stamper and Gary Hayslip, both with extensive experience leading security programs, managing complex vendor environments, co-authoring a guide on mastering third-party risk, and working through real-world ransomware and operational disruptions. They will share a grounded, practitioner-focused discussion on what it actually takes to strengthen resilience across modern supply chains.

Hear from the CISOs who literally wrote the book on supply chain risk. Rather than walking through checklists or vendor scorecards, they will discuss:

• How attackers are increasingly leveraging supplier relationships and ecosystem weaknesses

• Early warning indicators that matter when the objective is resilience rather than pure prevention

• How cultural drift, operational fatigue, and shifting priorities slowly weaken resilience over time

• Ways to communicate resilience in practical business terms — such as downtime, recovery confidence, and patient or customer impact

• A realistic approach to helping suppliers improve their defenses without adding unnecessary process or friction

The discussion will be rooted in real experience: what has worked, what has not, what lessons were learned the hard way, and how leaders are adapting under growing pressure from boards, regulators, and the broader market.