This panel will discuss the record-breaking number of supply chain attacks in the summer of 2023, highlighting key incidents such as 3CX, MOVEit, and Barracuda. The panel will discuss lessons learned, emerging trends, increased global cooperation and the shift in government expectations. The panel will address cyber preparedness and risk tolerance. The panel will offer thoughts on minimizing legal exposure, cyber reporting obligations, and handling threat actor communications, especially if company officials or family member are approached or threatened. Finally, the panel will discuss how cyber investigators can approach multi-cloud environments despite the many challenges these types of investigations present and how they can enhance incident response in complex environments. The panel will discuss the need for enhanced data protection and methods for enhancing security posture and incident preparedness. The panel will also address how the increase in supply chain attacks affected the way a company and counsel think about risks as well as the need to understand legal, regulatory, and contractual requirements in a complex environment.