Maslow's Hierarchy of Supply Chain Needs


Authors: Josh Bressers


The presentation discusses the importance of understanding the order of steps in supply chain management and the need to prioritize solutions based on the problem at hand.
  • Understanding the order of steps in supply chain management is crucial to effectively addressing problems
  • Prioritizing solutions based on the problem at hand is more effective than blindly implementing solutions
  • The speaker shares an anecdote about the challenges of vulnerability scanning and the importance of building a vulnerability management system
  • The speaker emphasizes the importance of having an SBOM as the foundation of supply chain management
The speaker shares a story about their experience with vulnerability scanning and the challenges of managing a large number of false positives. They emphasize the importance of having a vulnerability management system and an SBOM as the foundation of supply chain management.


Lately everyone is talking about software supply chain security. There are many different angles and messages, along with an abundance of concepts and acronyms to absorb: SBOM, SLSA, SSDF, vulnerability management, Sigstore, and reproducibility, to name a few. It’s hard to know which tasks are most important when starting on a supply chain security journey. What if we discussed supply chain security in the context of Maslow’s Hierarchy of Needs? As Maslow’s Hierarchy of Needs teaches us, there are certain needs that must be met first. The needs at the bottom are less complex than the needs at the top. The software supply chain is no different. When we work to incorporate supply chain security into our organizations and projects, the approach needs to be incremental change; there is no way we can do everything at once. Every organization is different, and trying to decide what to do first can be a paralyzing decision. This session will present a new way to think about supply chain security that turns what appears to be an insurmountable challenge into clear steps. Attendees will learn how to simplify and prioritize supply chain security. Armed with that knowledge, attendees can create an action plan to make complex decisions around supply chain management.