Supply Chain Breaches Impact Almost All Firms Globally, BlueVoyant Reveals
Despite a growing maturity of third-party risk management programs, supply chain attacks impacted more organizations in 2025 than in previous years
Third-party risk concerns cybersecurity weaknesses in vendors and service providers that can expose connected organizations to breaches, outages, or data loss.
Search across headline titles and summaries.
Background for this topic.
Third-party risk is the security exposure created when an organization relies on external suppliers, contractors, cloud services, software providers, or business partners. These parties may process sensitive information, connect to internal systems, or supply software and services whose security the organization does not fully control. The tag generally covers cyber, privacy, and operational risks arising from those relationships, including dependencies on a provider’s own suppliers.
Security-relevant concerns include excessive or poorly governed third-party access, vulnerabilities in supplied software or services, and inadequate protection of shared personal or business data. Useful controls include assessing a provider’s security before onboarding, limiting and reviewing access, requiring vulnerability and incident-notification practices in contracts, monitoring material changes, and promptly removing access when a relationship ends. During an incident, organizations may need provider logs, evidence, and coordinated response actions; clear ownership and communication paths are therefore important.
Weekly headline count for the current query.
Despite a growing maturity of third-party risk management programs, supply chain attacks impacted more organizations in 2025 than in previous years
Experts at a Gartner event highlighted areas of focus in identity, processes and third-party risk management to tackle the novel tactics employed by Scattered Spider
Orange Cyberdefense found that over half of UK financial firms suffered at least one third-party attack in 2024, linked to significant gaps in risk management strategies