Reimagining Third-Party Risk in an Agentic AI World

Previously Recorded
February 18, 2026
Back

Reimagining Third-Party Risk in an Agentic AI World

Third-party risk is no longer a secondary concern. It has become the primary threat vector for enterprise compromise.

Q4 marked a structural inflection point: Attackers stopped targeting enterprises directly and instead exploited trusted vendors, open-source maintainers, SaaS integrations, and AI platforms often without triggering immediate detection. The result? Silent exposure, cascading outages, regulatory fallout, and brand damage that boards are now feeling firsthand.

Traditional TPRM models static questionnaires, annual reviews, and trust-based reporting were not built for this reality.

Why this matters now:

  • AI accelerates risk while creating new blind spots in vendor oversight
  • Open-source ecosystems now behave like critical infrastructure
  • SaaS and API trust chains enable lateral compromise at machine speed
  • Vendor patching and remediation have become operational risk events
  • Insurance is retreating, shifting exposure back to the balance sheet

The question is no longer “Do we trust our vendors?” It’s “Do we have real-time visibility, verification, and resilience when they fail?”

In this live session, we’ll explore:

  • How agentic AI is reshaping supply chains and third-party trust assumptions
  • Why vendor criticality must be measured by blast radius, not contract size
  • What “continuous assurance” actually looks like in practice
  • How CISOs are adapting governance, identity, and incident response models now

Speakers

Host: Greg Crabb
CISO-in-Residence, Ballistic Ventures
Sangram Dash
Chief Information Security Officer, Sisense
Cassie Crossley
Author of "Software Supply Chain Security" and CEO, Stealth Startup
Sekhar Nagasundaram
VP & Global Head of Cybersecurity Threat Management, Elevance Health

About TrustChain

Trust is no longer a belief. It’s an operational discipline.

TrustChain is Ballistic Ventures’ newest cohort, bringing together security leaders to reframe third-party risk for the AI era – moving from compliance theater to operational resilience architecture. This session marks the public launch of our ongoing working forum focused on reimagining third-party risk management (TPRM), supply chain security, and AI governance. Attendees will be invited to future sessions, working groups, and in-person discussions.

TrustChain is backed by Ballistic Ventures portfolio companies advancing the future of TPRM: Nudge Security and Zip Security.

 

 

Now available on demand

The video is available to watch below.