How Dependency Warfare Is Rewriting Supply Chain Risk

Article

May 29, 2026

Supply chain war is the broad label. Dependency warfare names the mechanism.

In the first episode of our new Exiger Exchange podcast, Chief Strategy & Global Affairs Officer Kit Conklin speaks with Chris Miller, New York Times best-selling author of Chip War: The Fight for the World’s Most Critical Technology, about AI infrastructure, semiconductors, connected vehicles, export controls, rare earth magnets, data centers, and the way governments now study supply chains. The conversation keeps returning to one problem for companies: the most important exposure may sit below the direct supplier, inside a material, chip, software layer, sensor, data flow, or compute environment.

Dependency warfare is the use of those exposures as points of pressure. It shows up when a country restricts a critical material, when data transfer rules create new compliance exposure, when a component turns into a security concern, or when access to compute becomes part of geopolitical competition.

For executives, the risk is practical. A supplier list may look complete and still miss the dependency that can stop production, trigger regulatory scrutiny, expose sensitive data, or limit access to an essential technology.

Supply Chains are Being Studied as Pressure Systems

Miller describes the supply chains feeding AI as critical infrastructure for modern economies. AI may appear digital, but the systems behind it are physical and regulated. Chips, data centers, equipment, power, specialized materials, manufacturing capacity, and cross-border access all determine who can build and deploy AI.

That makes supply chain visibility more demanding. Companies need to know more than who provides a part or service. They need to understand the upstream inputs, the jurisdictions involved, the software embedded in the product, the data that moves through it, and the policy rules that could affect access.

Semiconductors show the scale of the challenge. Miller describes chip supply chains as the most complex supply chains that exist, with many parts crossing many borders. He also says the problem will get harder as technology advances because advanced systems require more capabilities, materials, and intellectual property from more providers.

Companies cannot manage that reality with a static supplier map. A tier-one supplier may be visible while a critical material, equipment provider, subcomponent, or single-country dependency remains out of view.

Dependency Warfare Starts Below the Direct Supplier

The episode’s strongest business insight is that modern risk often concentrates in dependencies beneath suppliers.

A direct supplier can be financially stable and operationally capable while still relying on an upstream input that is concentrated in one country. A connected product can pass quality checks while still transmitting data in ways the company has not fully reviewed. A chip can be located outside a restricted country while the compute it provides supports downstream activity that raises legal or security concerns.

This is the mechanism behind dependency warfare. Pressure does not have to target the company directly. It can target the material, the data path, the compute layer, the software-defined function, or the chokepoint that the company depends on.

The connected vehicle discussion makes this concrete. Miller explains that modern cars collect data through cameras, audio sensors, lidar, radar, ultrasound, GPS, temperature sensors, tire pressure sensors, and other systems. One data stream may appear limited on its own. Combined with location and camera data, those streams can reveal detailed information about people, movement patterns, and critical infrastructure.

That shifts the supply chain review. Leaders need to know who made a component, whether the component is available, what software controls it, what data it collects, where that data goes, who can access it, and how the governance rules are communicated to customers and regulators.

Miller also notes that it can be difficult to determine the data governance standard for a given type of vehicle data. That point should concern any company building or buying connected products. Limited visibility into sensor behavior can become a customer trust issue, a compliance issue, and a security issue.

AI, Vehicles, and Data Centers Expand the Risk

Digging into export controls can show how dependency warfare is moving deeper into technology systems.

Miller describes the policy debate over which layer of the AI stack should be controlled: chipmaking equipment, chips, models, finished AI services, or deployment environments. The answer affects companies across the AI supply chain because each layer creates a different point of pressure.

If you control the chips, you cause problems for companies that make chips, but you limit China’s ability to train and especially to deploy bigger and better AI models. And so there’s been a debate: where do you have the most leverage in the technology stack?

The Chip Security Act discussion adds telemetry and location reporting to the risk review. Miller explains that connected systems increasingly report operational information, including performance data and sometimes location. The debate is whether advanced chips should be required to share certain information and what compliance burden that would place on companies.

Conklin raises a related issue: chip location alone may not resolve compute risk. A data center in a third country could still provide compute to a restricted actor. Miller responds that increased regulation of data centers is likely, including possible rules that limit advanced chip sales to approved data center operators.

This matters because compute access is becoming a supply chain issue. Companies using AI infrastructure need to understand where compute sits, who operates it, who can access it, and what rules may apply to the hardware and the environment around it.

Rare earth magnets, critical minerals, and certain chemicals add another lesson. Miller says many powerful chokepoints were identifiable years earlier by those looking closely. Recent restrictions and disruptions suggest that many organizations had warning signs but did not convert them into decisions.

That is the management problem. Finding a dependency is only useful if the company knows who owns the decision, what action is available, and when the issue should be escalated.

What Leaders Should Assess Now

Dependency warfare requires a more precise review of critical products, operations, and services. Here are the steps to assess potential risks:

Start with critical areas. Focus on the products, operations, and services most tied to revenue, continuity, customer trust, or national security obligations.

Map the dependency layers. Identify the materials, chips, chemicals, subcomponents, software layers, sensor systems, data flows, data centers, operators, and jurisdictions involved.

Separate visibility gaps from decisions. Answer what is known: who supplies the component, where the material originates, what software controls the function, where data is transmitted, and who operates the data center. Then identify what requires action: alternate sourcing, policy monitoring, contractual controls, customer disclosure, inventory decisions, or executive review.

Test pressure scenarios. Consider how operations would be affected by a critical material restriction, export-control change, data-transfer rule, sanctioned end user, or data center approval requirement.

Miller is clear that supply chains will remain complex because technology and economics require specialized inputs across borders. Leaders should manage that complexity with enough precision to understand which dependencies can be pressured and what choices are available before the pressure arrives.

Dependency warfare is rewriting supply chain risk because it changes the unit of analysis. The supplier still matters. The dependency matters more when it controls access to production, data, compute, or market permission.

The first episode of Exiger Exchange gives leaders a practical way to think about that shift: Supply chain war describes the contest while dependency warfare explains where companies will feel it.

Exiger Exchange | Episode 1

Supply Chain War

Watch or listen to the full conversation with Kit Conklin and Chris Miller on AI infrastructure, connected vehicles, export controls, data centers, and chokepoints.