Patrick Opet, global CISO at JPMorgan Chase, is urging the software industry to prioritize secure development practices over speed to market, warning that increasing supply-chain disruptions are weakening the global economic system. He warned in an open letter that global companies are dependent on interconnected technologies and warned that software needs to be secure by default. Opet said that because global companies are increasingly reliant on a small number of software-as-a-service providers, a hack or other disruption can disrupt critical infrastructure providers around the world. JPMorgan Chase officials have seen the warning signs up close, Opet said. “Over the past three years, our third-party providers experienced a number of incidents within their environments,” Opet wrote. “These incidents across our supply chain required us to act swiftly and decisively, including isolating certain compromised providers and dedicating substantial resources to threat mitigation.” Modern identity protocols like OAuth create direct connections between third-party services and sensitive internal resources at companies, making it easier for attackers to gain access to confidential data or internal communications, Opet noted in the letter. Opet said he wanted to see improved security standards and more transparency in how suppliers use privileged access. He also said technologies like confidential computing could reduce risks when suppliers use sensitive information.