Security · 2h ago
AI Supply Chain Risk: The New Third-Party Threat
Traditional vendor risk management fails to address AI supply chain risks from model weights, embeddings, and agent frameworks. Attack vectors include model serialization attacks, RAG poisoning, and compromised inference APIs. A financial services scenario shows how poisoned retrieval data can bypass input filters and trigger unauthorized actions.
Meridian48 take
The article rightly shifts focus from vendor contracts to technical dependencies, but enterprises may underestimate the difficulty of securing open-source AI components at scale.
ai-supply-chainthird-party-risk