Hello and welcome to the ThoughtWorks Technology podcast. I'm your host, Mike Mason,

and today's podcast is going to be about securing the software supply chain. I'm joined today by

two guests, Mike Ensor, who is a solution architect at Google, and

Jim Gumley, who is a tech principal at ThoughtWorks with a focus on cybersecurity.

Hi to both of you, and can I get you to just introduce yourselves briefly, Mike?

Sure.

Hey, thanks for letting me come in and chat today. My name is Mike. I work at Google.

I work as a solution architect, which allows me to go in and talk to a lot of different companies,

a lot of different situations, and then try to capture that and then turn that back around

and give that advice back to many of our other

customers at the same time. So the most recent thing that I've been working on here has been

tackling the supply chain and how do we secure that, you know, especially given some of the

more recent breaches and more more recent news that we've seen. And Jim? Hey, Mike and Mike.

Thanks to having me. Yeah, I'm Jim. I'm a tech principal out of ThoughtWorks, London office.

My focus is very strongly on cybersecurity. So work with our clients, you know, we've got got more

higher-end risk profiles, healthcare, finance,

government, that kind of thing, to secure software, really. That's my focus.

I'm going to throw it back to Mike, because, you know, you said you've been working on this

securing the software supply chain. What is the software supply chain and what do we mean by securing it?

Sure.

So, basically, earlier this year, published a paper that talked about the supply chain

and where we have vulnerabilities in that.

...