Sisense breach and supply chain identity risk: what teams missed


(@saviynt)

TL;DR: Sisense’s breach highlights how third-party compromise can turn identity trust into a supply chain problem, with Saviynt tying the incident to broader concerns about major supply chain attacks and downstream exposure. The lesson for practitioners is that vendor access, not just perimeter defense, now sits inside the identity threat model.

NHIMG editorial — based on content published by Saviynt covering the Sisense breach and broader supply chain attack risk

Questions worth separating out

Q: What breaks when supplier access is not tightly governed?

A: When supplier access is not tightly governed, a compromise in the third party can become your compromise.

Q: Why do third-party credentials increase supply chain risk?

A: Third-party credentials increase supply chain risk because they often combine standing privilege with broad operational reach.

Q: How do teams know if supplier identity governance is working?

A: Supplier identity governance is working when every external account has a clear owner, a narrow purpose, an expiry or review date, and continuous monitoring.

Practitioner guidance

  • Inventory every supplier identity path: Map accounts, tokens, API keys, certificates, and delegated admin links that let third parties reach production systems.
  • Scope vendor access to explicit business functions: Replace broad shared access with narrowly assigned permissions tied to named systems, named data sets, and named support workflows.
  • Tie third-party access to lifecycle events: Revoke or re-certify supplier access when contracts change, support ends, ownership changes, or integrations are retired.

What's in the full article

Saviynt's full article covers the operational detail this post intentionally leaves for the source:

  • The specific supplier and supply chain incidents referenced in the news roundup, including the context behind the Sisense breach.
  • The vendor's framing of how third-party attacks relate to identity security platform strategy and product positioning.
  • The other linked security stories in the roundup, which provide additional incident context beyond this post's identity-focused analysis.
  • The source article's broader editorial context around recent cyber risk developments and identity security coverage.

👉 Read Saviynt's analysis of the Sisense breach and supply chain identity risk →
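
Added example, not part of the original post or of Saviynt's article: a minimal audit of a supplier identity inventory against the criteria in the post above (clear owner, narrow purpose, expiry or review date, monitoring, and lifecycle-driven revocation). The record schema, the `*` wildcard scope convention, and all sample names and dates are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

@dataclass
class SupplierIdentity:          # hypothetical inventory record, not a real product schema
    name: str
    kind: str                    # account, token, api_key, certificate, delegated_admin
    owner: Optional[str]         # named internal owner accountable for the identity
    scopes: list                 # "system:dataset" strings; "*" is a wildcard (assumed convention)
    review_by: Optional[date]    # expiry or next review date
    monitored: bool              # activity is logged and alerted on
    contract_active: bool        # False once support ended or the integration was retired

def audit(identity: SupplierIdentity, today: date) -> list:
    """Return the governance gaps for one supplier identity."""
    gaps = []
    if not (identity.owner or "").strip():
        gaps.append("no-owner")
    if not identity.scopes or any("*" in s for s in identity.scopes):
        gaps.append("broad-scope")
    if identity.review_by is None:
        gaps.append("no-expiry")
    elif identity.review_by < today:
        gaps.append("review-overdue")
    if not identity.monitored:
        gaps.append("unmonitored")
    if not identity.contract_active:
        gaps.append("revoke-contract-ended")
    return gaps

def audit_inventory(inventory: list, today: date) -> dict:
    """Map identity name -> gaps, listing only identities that fail a check."""
    report = {}
    for identity in inventory:
        gaps = audit(identity, today)
        if gaps:
            report[identity.name] = gaps
    return report

# Constructed sample inventory (all names and dates are invented for illustration).
TODAY = date(2024, 6, 1)
INVENTORY = [
    SupplierIdentity("bi-vendor-api-key", "api_key", None, ["*"], None, False, True),
    SupplierIdentity("support-sso-account", "account", "j.doe", ["crm:tickets"], date(2024, 9, 1), True, True),
    SupplierIdentity("old-etl-token", "token", "a.lee", ["dw:sales"], date(2024, 1, 15), True, False),
]

if __name__ == "__main__":
    for name, gaps in audit_inventory(INVENTORY, TODAY).items():
        print(f"{name}: {', '.join(gaps)}")
```

An identity that still holds access after its contract ended is reported even when every other field looks healthy, which is the lifecycle case that periodic reviews alone tend to miss.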

(@mr-nhi)

Supply chain compromise is now an identity governance problem, not only a vendor risk problem. The Sisense breach reinforces a pattern NHIMG has seen repeatedly: trusted third-party access becomes the shortest path into environments that otherwise appear well defended. That means procurement assurance and security questionnaires are not enough on their own. Practitioners need to govern the identity paths suppliers use, because those paths are what attackers actually inherit.

A few things that frame the scale:

A question worth separating out:

Q: Who is accountable when a supplier compromise exposes internal systems?

A: Accountability usually sits with the organisation that granted and failed to govern the access, even if the initial compromise occurred at the supplier. Legal, procurement, security, and identity teams all need a shared process for approving, reviewing, and revoking external access. If no owner can answer for the identity, the control failed before the incident did.

👉 Read our full editorial: Sisense breach shows how supply chain attacks expose identity risk



   