Effective Handling of Third-Party Supplier Incidents
Kasturi Puramwar
BSidesSF 2025 — Here Be Dragons · Day 2 · Main
Kasturi Puramwar, incident response manager at Equinix, laid out a comprehensive cross-functional framework for handling third-party supplier incidents — arguing that the IR team alone cannot manage them effectively without structural partnerships with supply chain management, TPRM, legal, and a formal risk governance committee. The core insight: preparation done before an incident determines whether the response is coordinated or chaotic. ---
AI review
Methodical and complete cross-functional IR framework for third-party incidents. The Supply Chain Risk Management Committee structure for P1/P2 containment decisions is the most useful specific idea. Heavy on process diagrams, light on things that would surprise a senior IR practitioner.