The TSMC did learn from the cyber attack attempts on it that it is not just TSMC proper, but if any weak point in the supply chain gets exploited, the entire supply chain is at risk. They adopted a what’s called assume breach mentality, assuming that the adversary has already breached one of those supply chain anyway. The focus should be on zero trust, meaning that the no lateral movement between affected parts, compartmentalisation of damage.