3117: AI, Supply Chains, and Cybersecurity

[00:00:03] Is our approach to managing supply chain risk keeping pace with the rapid advancements in technology and cybersecurity threats?

[00:00:12] Well, today I'm excited to have Hayden Brooks, CEO of Riskledger, joining me on the podcast to join us in tackling this critical issue.

[00:00:23] Foundered back in 2018, Riskledger has emerged as somewhat of a pioneering platform in third-party risk management.

[00:00:31] They've gained traction with significant projects like the NHS Track and Trace over here in the UK.

[00:00:38] And with a background transitioning from neuroscience to cybersecurity, I think there might be an intriguing origin story there,

[00:00:47] not to mention unique insights into the evolving landscape of supply chain security.

[00:00:53] So, together we will explore how Riskledger is enhancing real-time threat intelligence and risk assessments

[00:01:01] and discuss the platform's role in both public and private sectors.

[00:01:05] Again, something I'm quite interested in learning more about.

[00:01:08] Very often, most businesses will set up in one of those camps, but not both.

[00:01:12] So, what strategies are proving effective in today's interconnected digital ecosystem?

[00:01:19] And how is Riskledger preparing to meet future challenges in this field?

[00:01:24] Well, let's get Hayden onto the podcast now to find out more.

[00:01:28] So, a massive warm welcome to the show.

[00:01:32] Can you tell everyone listening a little about who you are and what you do?

[00:01:36] My name is Hayden Brooks. I'm the CEO of a company called Riskledger.

[00:01:40] So, started off my career as a neuroscientist, ended up falling into security,

[00:01:44] or information security as all the best people do.

[00:01:47] Yeah, and worked for a few years as a security consultant before founding a company that now focuses in on supply chain security.

[00:01:53] So, it's all about helping our clients prevent cyber attacks within their supply chains.

[00:01:56] Well, I spoke to James from Riskledger, I think it was back in March,

[00:02:01] and I'd love to find out more about your origin story this time around.

[00:02:05] He said you started out as a neuroscientist.

[00:02:07] I feel there's got to be an origin story of some sort there.

[00:02:11] So, can you tell me a bit more about the story behind how you co-found Riskledger,

[00:02:15] and also any specific gaps you might have identified, or what brought it all together for you?

[00:02:21] So, yeah, I studied biomedical science and specialised in neuroscience university.

[00:02:25] Got to the end of my university career, and was trying to figure out what to do with my life at that point.

[00:02:30] Made an open application to KPMG at the time, and they were growing their cyber security team,

[00:02:35] or their information protection and business resilience team they were calling it, which is a bit of a mouthful.

[00:02:39] So, went through an assessment centre and joined that team.

[00:02:43] So, spent two years at KPMG and a year at Deloitte,

[00:02:46] essentially helping clients through various different types of security projects.

[00:02:50] A lot of the projects I did were in the supply chain.

[00:02:53] And essentially, when it came to supply chain risk, a lot of clients,

[00:02:57] and really the only tools they have to deal with supply chain risk today are quite archaic.

[00:03:01] So, whilst running these projects for clients, came up with this idea for a tech solution

[00:03:05] to try and solve a few of the problems they were experiencing.

[00:03:08] Did nothing with the idea, and then joined a startup for a couple of years after that,

[00:03:13] and then left.

[00:03:14] And again, found myself at a point in my life where I'm not really sure what I wanted to do,

[00:03:18] and had a friend who worked in venture capital.

[00:03:20] So, he sat me down and kind of taught me through venture capital,

[00:03:23] and then kind of learning a bit about the tech industry and how venture works,

[00:03:26] and then having this idea from back at my days in KPMG,

[00:03:29] decided to combine the two and start Risk Ledger.

[00:03:32] Fantastic. What a great story.

[00:03:34] And of course, Risk Ledger operates by integrating an entire supply chain or supply chains

[00:03:40] into a dynamic network.

[00:03:42] And we will have a lot of people listening that are outside of this space,

[00:03:45] and something I try and do every day on this podcast is demystify areas

[00:03:49] that they don't automatically associate with technology.

[00:03:52] So, can you just tell me a little bit more how this network-based model works in practice

[00:03:56] out there in the real world?

[00:03:57] And also, what makes it different from, let's say, traditional risk management methods?

[00:04:02] Yeah.

[00:04:03] So, I'd say every company basically has quite a large supply chain,

[00:04:06] and people don't often realise the breadth and depth of supply chains that companies have.

[00:04:12] But if you take, let's say, a high street bank, they'll have tens of thousands of suppliers,

[00:04:16] and some of those suppliers they'll transfer data to,

[00:04:18] some of those suppliers they'll rely on for some sort of service to make sure that the bank's operating,

[00:04:23] and other suppliers they'll integrate their own technology systems into the bank's tech stack.

[00:04:28] And so, because of that, that kind of opens up different types of risks,

[00:04:32] where an attack can happen in one of the suppliers that can cause either data loss or disruption

[00:04:36] at the end client.

[00:04:38] The only tool when I started the company that people had really to deal with that was risk assessments.

[00:04:43] It was trying to look at an individual supplier and understand what security they have in place

[00:04:46] and whether or not that security is good enough for that company to work with them.

[00:04:52] There were two big issues with that.

[00:04:53] When you're talking about a company that has tens of thousands of suppliers,

[00:04:56] it takes a lot of time, a lot of effort, and a lot of resource to do those risk assessments.

[00:05:00] It's also a very, very boring job.

[00:05:02] And then on the flip side, when you're measuring risk at another company,

[00:05:05] it's very hard to get that right.

[00:05:07] And so, these processes weren't that effective at actually stopping attacks from happening.

[00:05:11] So, the idea behind what we do is we basically have a secure social network

[00:05:16] that allows a company to sign up, describe what they do to defend themselves,

[00:05:21] and then other companies can connect to them and understand that security posture

[00:05:24] and whether or not it's within their own risk appetite.

[00:05:27] But because of that social network model, we end up basically with a map of the supply chain.

[00:05:30] So, we can see all these different companies, who's connecting to and reviewing who,

[00:05:33] which allows us then to be a lot more dynamic with that kind of data transfer.

[00:05:37] So, as these companies are going through reviews, they can update their security posture.

[00:05:41] Other companies can be alerted rather than that data just sitting on a spreadsheet offline.

[00:05:45] And then we can start to use the quite interesting things where we can overlay those maps with

[00:05:48] threat intelligence and other capabilities that don't currently exist within the supply chain

[00:05:53] that allow clients to understand when attacks are happening

[00:05:56] and what they can do to mitigate the impact of those attacks against themselves as well.

[00:06:01] So, it's almost like taking that status quo, making it a lot more agile and easier to run,

[00:06:06] but then overlaying it with these new capabilities that don't yet exist within the industry.

[00:06:10] And I think when talking about any new technology or tech-based solution,

[00:06:14] it's very easy to get lost in those things.

[00:06:17] And, of course, every single tech project out there is under increasing scrutiny for ROI

[00:06:23] and also what business value does it offer.

[00:06:27] So, if we just strip back the solution and the tech for a moment,

[00:06:30] what types of real-time insights does Risk Ledger provide to your users?

[00:06:35] And how do those insights ultimately help businesses preemptively identify

[00:06:40] and mitigate any potential threats in their supply chain?

[00:06:43] Because that seems to be where the magic happens, right?

[00:06:46] Yes, there's a couple of different layers to that value proposition.

[00:06:49] So, I suppose when we're first speaking to a client,

[00:06:51] the first layer is we'll take their current risk process

[00:06:53] and make it a lot quicker and cheaper to run.

[00:06:56] So, there's kind of an inherent business case in that.

[00:06:58] And then by plugging into that dynamic network,

[00:07:01] we then offer these new capabilities, like you say.

[00:07:03] So, the idea there is that as suppliers are changing their security posture,

[00:07:07] we can alert the client straight away.

[00:07:08] So, it becomes a lot more dynamic, a lot more up-to-date,

[00:07:11] rather than the clients having to go out and collect this data

[00:07:12] every year or every few years.

[00:07:16] And then on top of that, when new things happen within security,

[00:07:18] like you have a new vulnerability announced,

[00:07:20] or even some sort of operational disruption like the Russia-Ukraine war,

[00:07:23] we can very quickly understand from that entire network who's impacted,

[00:07:27] who's going to be impacted, what they're doing about it.

[00:07:29] But more importantly, where people are impacted,

[00:07:32] we know where they sit within that ecosystem.

[00:07:34] So, we can see what the knock-on effects of impact are going to be

[00:07:37] across this network of companies around them.

[00:07:40] And then the final element there is then overlaying it with threat intelligence.

[00:07:45] So, it's understanding when an attack happens, what type of attack was it,

[00:07:48] and what can the rest of the network do to stop that same attack hitting them.

[00:07:52] And this is going down the route of network immunization theory.

[00:07:55] So, it's basically using the experiences of each company on the platform

[00:07:59] to then help better protect the other companies on the platform as well.

[00:08:04] And yeah, I usually separate that value proposition out into the two parts.

[00:08:07] There's an efficiency part, and then there's almost like a new capability part

[00:08:10] that people don't even realize is they're able to implement so though.

[00:08:15] And another area that we've got to talk about is that increasingly complex regulatory compliance,

[00:08:22] especially with the enforcement of so many different regulations from DORA to NIST 2 more recently,

[00:08:28] that all emphasize managing third-party risks.

[00:08:30] So, with that increasing complexity going on there and new regulation happening all the time,

[00:08:36] how does Risk Ledger help organizations comply with some of these new rules?

[00:08:40] And are there any challenges that you've accounted in aligning your platform with these regulations?

[00:08:48] Because I would imagine it must be quite tricky from your side as well, keeping up with this.

[00:08:52] Yeah.

[00:08:53] And so, I'd say we're kind of at the cusp of regulatory wave.

[00:08:56] So, there's been quite a few high-profile supply chain attacks or breaches that have even hit BBC News.

[00:09:02] And that's led to regulators and even companies kind of taking more of a focus on their supply chain.

[00:09:08] And they kind of see it as their biggest attack surface.

[00:09:10] It's a lot easier to secure your own company than it is to secure your supply chain.

[00:09:16] So, these regulations are kind of separate out into two different parts.

[00:09:18] So, on the security side, they tend to actually be fairly similar, which is handy.

[00:09:22] It's all about understanding of your supply chain, where the weaknesses are, who those critical third parties are.

[00:09:27] So, who are those suppliers that, if they do come under attack, can cause kind of a bigger problem because many people rely on them.

[00:09:34] And then the other side of it is data protection, which is where it gets very complicated.

[00:09:37] So, I'd say with the data protection regulations, because each country that has some sort of data protection regulation has gone about it very differently,

[00:09:45] you end up with different kind of requirements depending on where the supply is based, where the client is based,

[00:09:52] where the data of the people comes from, where the two-capification of the people, the data you're collecting.

[00:09:59] And that leads to a very kind of complex register environment within data protection.

[00:10:03] So, in terms of our platform, so, we have the benefit of calling many of the UK regulators our clients already, which is quite nice.

[00:10:10] We actually help secure their own supply chains.

[00:10:12] And because of that, we have a really good relationship with them.

[00:10:15] So, we tend to be well ahead of any future regulation coming out.

[00:10:19] And the way the platform works, we've almost built a tool where we can drop different content into it.

[00:10:26] So, as the regulation changes, we have built the technology that allows that data to flow between companies.

[00:10:31] But the actual content of that data would be quite dynamic and change over time as well.

[00:10:35] And that allows us to stay on top of these future regulations.

[00:10:38] And that's part of our value proposition to clients.

[00:10:41] In terms of the product work, interestingly, I would say it's not really changed our roadmap.

[00:10:47] So, when we started, DORA was not really being spoken about and NIS2 hadn't been announced.

[00:10:52] But it has definitely accelerated parts of the roadmap that we already had in our mind for the future that now we know would be fully relevant to the clients as these new regulations come into force.

[00:11:03] It's been more of a prioritization challenge rather than a technical innovation challenge, I'd say.

[00:11:09] And before you came on the podcast, I was doing a little additional research on Risk Ledger, just getting up to speed with things.

[00:11:15] And one of the things that really stood out to Mary was at Risk Ledger, you're engaged with multiple government entities and private companies.

[00:11:23] So, I'm curious, how has collaborating with such diverse organizations, how's that influenced the evolution of your platform?

[00:11:30] Because two very different worlds.

[00:11:32] And I'm not sure if you've got any use cases or case studies that will just bring that to life of how you've been able to significantly mitigate risks or even prevent downtime.

[00:11:44] Yeah.

[00:11:45] So, when we launched, I'll be quite kind of blunt as I say this, our investors were saying, focus on the private market, focus on the frack market.

[00:11:53] That's how you'll make money, essentially.

[00:11:55] Absolutely.

[00:11:56] And I think kind of our go-to-market over the last three, four years has evolved from when you start at Spray and Pray.

[00:12:01] It's whoever will start paying you money for a contract is who you win.

[00:12:04] And then kind of the go-to-market ends up being a lot more focused around particular ICPs that you have to kind of go through that Spray and Pray kind of mode to learn what ICPs really kind of gel with your product the best.

[00:12:15] Ideal customer profiles being an ICP.

[00:12:18] But in 2021, and so we launched in 2020, then COVID hit, which was an interesting time.

[00:12:23] I would say in 2020, most of our clients were in the private sector.

[00:12:26] But in 2021, we ended up winning COVID Test and Trace and their security team in the UK.

[00:12:31] So, that was quite an interesting client to win because whilst they are public sector or were public sector, they were basically given kind of free reign and a huge budget to solve the COVID issue.

[00:12:42] And so, they acted more like a private sector entity.

[00:12:45] And we did so well with them that the next thing we learned is that public sector all talked to each other.

[00:12:50] And because of the success we'd had with COVID Test and Trace, and they're now called the UK Health Security Agency, we then ended up basically being spread essentially around public sector.

[00:13:00] All of the heads of security were talking to each other and kind of raving about the success we'd had with COVID Test and Trace, which then led us to kind of grow out our public sector side of our client base.

[00:13:11] I would say that security, whether you're in the public sector, private sector, and even within the private sector, it's fairly similar across all the different kind of verticals.

[00:13:20] It's whether you're walking into like a government department or an oil and gas company or a telco, there is some nuance.

[00:13:28] But the core kind of elements of how we think about security are very similar.

[00:13:31] And that kind of worked well with our platform and kind of our ability to build the platform for everyone.

[00:13:37] In terms of specific successes, we have a really good case study where the COVID Test and Trace team quite early on basically had two suppliers that were providing a critical reagent for the COVID testing supply chain.

[00:13:49] And this critical reagent was required for the UK government to be able to run the testing.

[00:13:53] So, they had chosen two suppliers in case one had an incident or one had gone bust, they could default to the second.

[00:13:58] And we were able to show you through that kind of mapping function of our platform that actually both of those third parties use the same fourth party underneath them.

[00:14:06] And so, all they've done was really push that bottleneck kind of one layer down the supply chain.

[00:14:09] And we were able to identify that risk and then essentially help them devolve those two kind of like core supply chains.

[00:14:17] So, one third party then went with a different fourth party, then the second third party went with a different one altogether as well.

[00:14:23] And that was a really good success story that I think resonated not just with our public sector clients, but with also all of our private sector clients.

[00:14:31] And going back to the regulation, a lot of these new regulations focus on something called concentration risks, which is what we're talking about there.

[00:14:37] It's where you end up with one company doing something really well, but that is the only company doing it and everybody relies upon them.

[00:14:43] So, if they do have an incident, essentially the impact of that incident is then magnified across the entire sector.

[00:14:48] That's the idea.

[00:14:50] I love that.

[00:14:51] And I can't believe we've gone 15 minutes without talking about it, but it's time to bring up AI.

[00:14:56] It seems to be law to mention it in a tech podcast at the moment.

[00:14:59] But given the current global cybersecurity threats, in particular with AI being both a force for good and bad,

[00:15:06] how do you at Risk Ledger adapt your solutions to stay ahead of emerging threats?

[00:15:11] And what role does the platform play in that broader context of cybersecurity resilience?

[00:15:18] Because it's becoming more and more important, isn't it?

[00:15:21] Yeah.

[00:15:21] So, for me, when we think about AI and research, there's almost two parts to it.

[00:15:25] There's part that's helping our clients understand the risks of AI to their supply chains and to their own security posture.

[00:15:31] And then the other part of it is how we can use AI to improve our platform in some way.

[00:15:37] So, on the latter, we kind of see our AI as a tool or some sort of tool to leverage some sort of value.

[00:15:44] And so, we've been very careful about how we influence it, but we have implemented a few different kind of solutions within our platform that use AI to help typically with some sort of data translation.

[00:15:55] So, when a supplier is signing up, it's helping them answer security questions to improve or increase their time to onboard.

[00:16:03] On the risks, it's quite interesting.

[00:16:06] When you look at the supply chain, there tends to be two types of AI suppliers.

[00:16:10] There's the big AI providers, so the likes of OpenAI.

[00:16:12] And then there are companies that then use those big AI providers or utilize AI within their tech stack in some way.

[00:16:19] And so, the way our platform works, we could already identify the risks of where people were using these larger AI providers.

[00:16:25] The hidden risks tends to be where you have a smaller tech company whose engineers have just gone and plugged APIs into their platform without telling anyone and without going through kind of the proper guardrails or the proper process for getting commissioned to do so.

[00:16:38] And that's where you start to get kind of data leakages happening throughout the supply chain.

[00:16:42] So, you might be using a tech product that you think is completely risk-free from AI.

[00:16:47] And then it turns out actually that they've plugged something in that means all of the data you're feeding that platform is then going through into somebody else's AI model.

[00:16:54] And what we do there is we ensure that the governance of the companies that you work with has a sensible level of controls around their use of AI.

[00:17:03] So, it's making sure if they do use AI, they've told their clients about it.

[00:17:06] It's making sure that the legal contracts are up to date with the permissions surrounding use of AI in the supply chain.

[00:17:12] And it's monitoring for where one of your third, fourth, or fifth parties has started to use one of these larger AI providers like OpenAI as well.

[00:17:20] And another thing I was reading recently was on the topic of data breaches.

[00:17:25] And it can take an organization at least five years to get over the reputational damage caused by a breach alone.

[00:17:31] But from your experience behind the scenes, what has been the operational impact of a data breach on an organization?

[00:17:38] And how has your approach helped in some of these situations?

[00:17:41] Because I don't think we get to hear what's going on behind those doors during an event like this.

[00:17:47] Yeah. The first thing I'd say here is that every breach is different.

[00:17:50] And before starting with SedgeRides, I worked alongside people who had done incident response.

[00:17:55] And I'd worked on a few breaches myself.

[00:17:58] I mean, just to give you some idea of the operational impact, there was one company who had all of their tech hosted in two production data centers.

[00:18:06] And then they had two backup data centers.

[00:18:07] They were hit with a cyber attack that took out both production data centers and both backup data centers within 14 minutes.

[00:18:15] So then knowing the attack had started.

[00:18:17] And so, yeah, usually when you're dealing with an incident, it can be very quick, very fast paced, very stressful.

[00:18:22] And depending on the incident can mean weeks and weeks and weeks of a lot of work to basically recover your systems and any data that you can recover.

[00:18:31] Within the supply chain, there is really a huge amount of tools or playbooks for responding to a supply chain incident.

[00:18:37] And that's really what SedgeRides are trying to bring to the forefront for our clients.

[00:18:41] So the idea is trying to understand when a company comes under attack, what was the attack?

[00:18:46] Are there any indicators of attack or compromise that we can share with the wider network?

[00:18:50] And it's all about basically trying to increase collaboration so that when an attack does happen, you see that as a useful source of threat intelligence to better protect your own business.

[00:18:59] And so we've had cases in critical infrastructure where a supplier has come under attack, a client has been alerted, but not all of the clients to that supplier have been alerted.

[00:19:08] And there it's about us kind of like sharing that intelligence with the clients, with the suppliers, and then helping support them through that process, which may be a case of telling them what other suppliers they can use to provide some sort of critical service.

[00:19:20] It may be a case of supporting the conversation between the client and the supplier to make sure that the client is getting the information they need, but not burdening that supplier with a load of extra work on top of all the incident response they're doing.

[00:19:32] Yeah, and there's a lot of different playbooks that we're really writing from scratch in that space because they didn't exist before the company started.

[00:19:40] And if we dare to look into 2025, we've already got futurists and research firms like Gartner saying agentic AI is going to be the big buzzword of 2025.

[00:19:50] But in your world, what are the next steps for Risk Ledger in terms of technology development and market expansion?

[00:19:58] And I appreciate you're probably locked down and can't tell me too much, but are there any new features or partnerships on the horizon or any teasers that you can leave everyone listening with that you're particularly excited about next year?

[00:20:10] Yeah, I'm not known for having a filter, so I'll do my best to not share anything too confidential.

[00:20:15] So I suppose next year we're doubling down on both that incident response type capability, so being able to understand actually kind of the operational cyber element of what's happening in your supply chain and what you can do to mitigate against real cyber incidents.

[00:20:28] On top of that, we're doubling down on this idea of community.

[00:20:31] So one of the things we found was where we start to win clients within a specific sector or within a specific kind of area, we tend to find that actually those clients in the past have never really worked together before on their supply chain.

[00:20:47] And so the whole idea behind our platform is it now allows our clients and the suppliers to collaborate a lot better.

[00:20:52] So if one client has done a review of a supplier, the other client can then use that data in some way to help enhance their review.

[00:20:59] It then saves the supplier time because they're not having to go through two separate reviews.

[00:21:03] They're doing one review and having all of their clients feed off of it.

[00:21:05] So basically just benefits the entire community, we call it.

[00:21:09] On top of that, I would say we are doing very well in the UK.

[00:21:14] We then also became fairly international fairly quickly.

[00:21:17] But next year is all about kind of doubling down on that international expansion.

[00:21:20] So looking at other markets around Northern Europe, the US, especially with the current geopolitical climate and kind of a lot of potential nation state cyber attacks started to be launched from various parts of the world as well.

[00:21:34] But yeah, there's kind of the two main areas we're focusing on.

[00:21:37] So much food for thought there and a few teasers.

[00:21:40] So looking forward to following you and finding out more about what happens next year.

[00:21:44] And of course, we started the podcast today talking about your origin story.

[00:21:48] What put you on this path?

[00:21:49] And as we come full circle now, I'm going to try to have a little bit of fun with you because, hey, regulatory compliance and supply chains can be a dry topic.

[00:21:58] So what has been the soundtrack to your journey in tech?

[00:22:03] I always ask my guests, leave everyone listening with a song that we can add to our Spotify playlist.

[00:22:08] Guilty pleasures are allowed.

[00:22:10] But what song would you like to add and why?

[00:22:13] That's a really good question.

[00:22:15] I'd say I've definitely gone through different chapters in the kind of the journey of the company.

[00:22:19] And I probably have a different song that would describe each chapter.

[00:22:23] The latest one would have been we raised our Series A last year, which was perhaps one of the more challenging times to raise the Series A.

[00:22:29] The entire kind of funding market bottomed out.

[00:22:33] And yeah, we ended up having a lot of conversations, raised a really good Series A roundup, some really good investors, which was nice in the end.

[00:22:40] And it only took about seven months to do so, so it wasn't too bad.

[00:22:42] But the song throughout the whole kind of part of that era was a song called Human.

[00:22:48] And it was the Aaron Hibble remix, who I think is famous for doing the remix of the Oppenheimer soundtrack as well.

[00:22:56] So yeah, if anyone likes trance or techno, I'd recommend giving that song a listen.

[00:22:59] You had me at trance and techno.

[00:23:02] We will get that added straight to the Spotify playlist.

[00:23:05] For anyone listening wanting to find out more information about you, about Risk Ledger, about where you're heading, or just want to connect with you or your team.

[00:23:13] Is there anywhere in particular you'd like to point everyone listening?

[00:23:16] Yeah, so our website, riskledger.com.

[00:23:19] It's a pretty good place to start.

[00:23:21] And then if anyone wants to pick up a conversation or chat about anything to do with cybersecurity or supply chain risk, or even building tech companies and just venture in general, you can find me on LinkedIn.

[00:23:32] And yeah, I'm pretty responsive.

[00:23:35] Awesome.

[00:23:35] I'll get links added to everything so people listening can find you nice and easy.

[00:23:39] We talked about so much and covered a lot of topics there, from your origin story, inception and vision of Risk Ledger to the real-time insights that it provides and overcoming challenges around regulatory compliance in supply chains.

[00:23:52] And even having time to leave us with a great tune too.

[00:23:55] But thanks for joining me today and sharing your story.

[00:23:58] Lovely to speak to you, Neil.

[00:24:00] I think it's evident that managing supply chain risks requires innovative approaches and robust platforms, just like Risk Ledger.

[00:24:07] And I think today we learned how the platform provides critical real-time insights, fosters a secure network of suppliers to mitigate emerging threats, including those posed by AI technologies.

[00:24:20] And as Risk Ledger plans its international expansion and further development of its incident response capabilities, what are the next steps for organizations that are aiming to enhance their supply chain security frameworks?

[00:24:34] Hayden has shared his story today.

[00:24:36] But now, over to you.

[00:24:38] Please, share with me your story, your insights.

[00:24:40] If you want to come on here, tell me that too.

[00:24:43] Let me know that too.

[00:24:44] But you can email me, techblogwriteroutlook.com, Twitter, Instagram, LinkedIn, just at me or CQs.

[00:24:51] Looking forward to hearing your thoughts on this one.

[00:24:53] But it's time for me to get out of here.

[00:24:55] I will speak with you all bright and early tomorrow.

[00:24:57] I won't keep you waiting that long.

[00:24:59] I will do it all again with a different guest and a different topic.

[00:25:03] But that's it for today.

[00:25:04] Bye for now.

[00:25:11] Bye for now.

[00:25:12] Bye for now.

[00:25:12] Bye for now.

[00:25:12] Bye for now.

[00:25:12] Bye for now.

[00:25:13] Bye for now.

[00:25:13] Bye for now.

[00:25:13] Bye for now.

[00:25:13] Bye for now.