While applying for a parking permit, I discovered an expired SSL certificate on a council website, highlighting how small oversights in public services can expose broader cybersecurity risks. This real-world example shows why organisations must take indirect supply chain risk seriously, particularly in regions critical to national security.