For most global companies, supply chain risk management traditionally has focused on managing third-party risks—often in the limited context of the physical supply chain. But what the SolarWinds cyber-attack harshly revealed is the catastrophic havoc fourth and fifth parties can also wreak in the often-ignored cloud supply chain.

Jaclyn Jaeger is a freelance contributor to Compliance Week after working for the company for 15 years. She writes on a wide variety of topics, including ethics and compliance, risk management, legal,...