By Marco Ciappelli
An Article Inspired by our On Location Coverage of ThreatLocker’s Zero Trust World 2025
The Internet Was Built on Trust And That’s the Problem
When the first message was sent over ARPANET in 1969, linking computers at UCLA and Stanford, the internet’s foundation was built on trust. The pioneers of networking envisioned an open system—one where universities, researchers, and eventually businesses could exchange information freely. Security wasn’t a primary concern because, at the time, no one anticipated the global, interconnected web of dependencies that would emerge.
Today that original vision has become a liability—not just for cybersecurity but for society itself. The supply chains we rely on are no longer just about IT infrastructure or software updates. They now power everything: from the food in grocery stores to hospital equipment, transportation networks, and even the digital services that keep economies running. We live in a supply chain-driven world, and that makes trust—once an asset—a dangerous vulnerability.
The Supply Chain is the Network—And It’s Under Attack
At Zero Trust World 2025, an event organized by ThreatLocker, Bradford Bleier took the stage to dissect the reality of modern supply chain security. Sean Martin and I were on location covering the event for ITSPmagazine, exploring the growing intersection of cybersecurity, technology, and society.
Bleier’s message was clear: supply chains are no longer just corporate concerns—they are embedded in every aspect of daily life. Attacks that once targeted businesses are now disrupting entire industries, government operations, and even individual consumers.
A retired FBI agent, Bleier explained how supply chain attacks have evolved from physical tampering—like intercepting hardware shipments—to deeply embedded cyber threats. He traced this back to intelligence tradecraft used for decades, such as planting malicious chips in routers or modifying firmware before devices even reach their final destination. Today, the threat has escalated:
• The router you install may not be the router you ordered.
• The software update you download may not be the one you think it is.
• The cloud infrastructure you trust may not be as secure as promised.
• The food or medicine you rely on could be delayed—or even compromised—because of a cyberattack on logistics systems.
From Digital Risk to Societal Impact
Bleier’s talk highlighted an unsettling truth: supply chain attacks aren’t just about data breaches or stolen intellectual property. They have real-world consequences.
• When Colonial Pipeline was attacked in 2021, gas shortages rippled across the U.S. East Coast.
• When a major food supplier was hit by ransomware, supermarket shelves were left empty.
• When hospitals’ digital systems go down due to compromised third-party vendors, patient care is directly affected.
Every aspect of modern life is interconnected through digital trust—and that trust is being exploited. We assume our phones, cars, and medical devices are secure, that the power grid will stay online, and that our financial transactions are protected. But what happens when those assumptions fail?
The Zero Trust Mandate: Why Blind Trust is No Longer an Option
The traditional model of network security assumed a perimeter—an inside that was safe and an outside that was dangerous. But as Bleier pointed out, those borders have vanished. Our lives are shaped by networks that blur the lines between physical and digital, local and global, trusted and untrusted.
The solution? Zero Trust.
Zero Trust is not just a cybersecurity strategy—it’s a societal necessity. It acknowledges that threats are already inside the network and that security must be enforced at every level: from endpoints to cloud services to the software supply chain. Bleier underscored how modern attacks exploit trust relationships between organizations, making it essential to verify every connection, every transaction, and every system update.
But Zero Trust isn’t just about securing data centers and corporate systems—it’s about protecting the infrastructure we rely on as a society.
The Compliance Trap: When Security Becomes a Bureaucratic Nightmare
Beyond the technical threats, Bleier also called out the growing complexity of compliance frameworks like NIST, HIPAA, and CMMC. He argued that while regulations are designed to improve security, they often introduce new problems. Companies find themselves drowning in contractual obligations, redundant audits, and conflicting cybersecurity mandates. In some cases, organizations are forced to maintain completely separate infrastructures just to meet different compliance standards—an unsustainable and ineffective approach.
When compliance becomes more about paperwork than actual security, society bears the risk—because the vulnerabilities remain.
Where Do We Go From Here?
Bleier’s talk served as a wake-up call: the supply chain is now the battlefield, and trust is the primary attack vector. Organizations must shift from passive compliance to proactive security, embedding Zero Trust principles into their networks, vendor relationships, and cloud environments.
But this isn’t just about companies—it’s about the world we live in. The systems that power hospitals, food distribution, energy grids, and personal devices are all part of the same interconnected supply chain. If those supply chains aren’t secure, our daily lives aren’t either.
As part of ITSPmagazine’s Zero Trust World coverage, this article focuses on the societal and technological implications of supply chain security. For the technical breakdown of Bleier’s recommendations and the cybersecurity strategies to counter these threats, Sean Martin provides the in-depth analysis.
One thing is clear—what started as an open, trust-based internet has become a high-stakes security landscape where trust itself must be constantly verified. The future belongs to those who adapt.
What’s Changed?
• Expanded societal impact—supply chain attacks don’t just affect companies, they impact everyday life (food, medicine, energy, finance).
• Highlighted trust in technology—how people assume their devices and services are safe, but supply chain attacks prove otherwise.
• Reinforced that Zero Trust isn’t just cybersecurity—it’s a necessity for modern society.
As part of my On Location coverage with Sean Martin, this is just one of many articles exploring cybersecurity’s deep ties to society.
Follow our Coverage of ThreatLocker’s Zero Trust World Conference 2025
https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Read, listen, and subscribe: 🎙️ On Location with Sean & Marco for full Zero Trust World 2025 coverage https://on-location-with-sean-martin-and-marco-ciappelli.simplecast.com/
Musing on Society & Technology for more reflections on tech, culture, and cybersecurity.
https://www.linkedin.com/newsletters/7079849705156870144/
Comments and feedbacks are welcomed, as well as guests proposal to discuss this on my Redefining Society and Technology podcast.
Cheers,
Marco
Stay Connected and Keep Thinking and Learning
To learn more about Zero Trust security strategies and how to build a stronger cybersecurity posture for your business:
Connect with the ThreatLocker team to explore solutions that support Zero Trust implementation.
Look for Sean’s companion article, Operational Perspectives on Supply Chain Security: Cascading Threads of Compliance on this same topic, as part of our coverage, presented from a business of security perspective.
Watch and listen to all of ITSPmagazine’s coverage of ThreatLocker’s Zero Trust World 2025 to gain deeper insights from security experts and industry leaders.
Read, listen, and subscribe: 🎙️ On Location with Sean & Marco for full Zero Trust World 2025 coverage: https://on-location-with-sean-martin-and-marco-ciappelli.simplecast.com/
Musing on Society & Technology for more reflections on tech, culture, and cybersecurity: https://www.linkedin.com/newsletters/7079849705156870144/
