The AI model your organization deployed last quarter was trained on data you didn’t audit, fine-tuned on datasets you didn’t review, and served through infrastructure you didn’t inspect.
That’s the AI supply chain. And it has the same attack surface as every other software supply chain — with none of the established security practices.
Supply chain attacks against AI systems take three primary forms: training data poisoning, model weight tampering, and inference infrastructure compromise. All three have documented proof-of-concept attacks. None are adequately addressed in standard enterprise AI procurement frameworks.
The disclosure problem is precise: AI vendors are not required to disclose the provenance of training data, the security controls applied to model weights during storage and transfer, or the infrastructure security posture of inference endpoints.
Your security team is making deployment decisions on models whose supply chain integrity cannot be independently verified. That gap lives at the intersection of procurement policy and AI governance — and most enterprise frameworks don’t address it.
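One check a security team can run independently, regardless of what the vendor discloses: verify the model artifact against a hash manifest before it reaches the serving infrastructure. The example below is added here and is not the brief's own code; it assumes a vendor-supplied manifest mapping file paths to SHA-256 digests, and the file names, contents and manifest are constructed for illustration.

```python
# Added example (not from the brief): verify a model artifact directory against
# a vendor-supplied SHA-256 manifest before deployment. Manifest format, file
# names and contents below are constructed for illustration.
import hashlib
import os
import tempfile

def sha256_file(path: str, chunk_size: int = 1 << 20) -> str:
    """Stream the file so multi-gigabyte weight shards never sit in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def verify_manifest(model_dir: str, manifest: dict) -> dict:
    """Report hash mismatches, listed-but-missing files and unlisted extras.
    Any non-empty list means the artifact must not be loaded."""
    present = set()
    for root, _dirs, files in os.walk(model_dir):
        for name in files:
            rel = os.path.relpath(os.path.join(root, name), model_dir)
            present.add(rel.replace(os.sep, "/"))
    mismatched, missing = [], []
    for rel, expected in sorted(manifest.items()):
        if rel not in present:
            missing.append(rel)
        elif sha256_file(os.path.join(model_dir, rel)) != expected:
            mismatched.append(rel)
    unexpected = sorted(present - set(manifest))
    return {"ok": not (mismatched or missing or unexpected),
            "mismatched": mismatched, "missing": missing, "unexpected": unexpected}

def demo() -> tuple:
    """Constructed two-file artifact: verify clean, then tamper and re-verify."""
    with tempfile.TemporaryDirectory() as model_dir:
        files = {"config.json": b'{"arch": "demo"}', "weights.bin": b"\x00" * 4096}
        for name, data in files.items():
            with open(os.path.join(model_dir, name), "wb") as fh:
                fh.write(data)
        manifest = {n: sha256_file(os.path.join(model_dir, n)) for n in files}
        clean = verify_manifest(model_dir, manifest)
        # Simulate in-transit modification: one shard byte changes, an unlisted file appears.
        with open(os.path.join(model_dir, "weights.bin"), "r+b") as fh:
            fh.seek(1024)
            fh.write(b"\xff")
        with open(os.path.join(model_dir, "notes.txt"), "wb") as fh:
            fh.write(b"unlisted\n")
        return clean, verify_manifest(model_dir, manifest)
```

The manifest itself must come over a channel separate from the artifact (or be signed), otherwise whoever tampers with the weights can rewrite the hashes to match.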
♾ The AI Threat Brief | AI Security Intelligence for Leaders
