Most organisations are part of an intricate supply chain that may not be so evident until you assess it as a cross-section. Supply chain attacks are increasing at an alarming rate. We describe the most common attacks that leverage vectors from relationships across Services, Software Development and the consumption of Subscriptions Services, all of which abuse established channels of trust. We also provide a case study of how an organisation averted the calamity of loss of their entire workforce platform through a supply chain invoked vulnerability.