Overconfidence Puts Supply Chain Security at Risk

Manufacturers are overestimating supplier visibility, and their ability to respond to supply chain attacks.

Supply Chain Security Metamorworks
istock.com/Metamorworks
October 29, 2025

Businesses are overestimating their ability to respond to supply chain cyber attacks and their visibility over suppliers, according to new research from global cyber security firm NCC Group.  

The State of Supply Chain Security report reveals that the vast majority (94 percent) are confident in their ability to respond to a supply chain attack, despite that nearly half (45 percent) experienced a cyber security breach in the last year. Half (49 percent) of the organizations that suffered a breach said the attack suspended operations. The report also revealed that 92 percent of organizations trust that their suppliers follow cybersecurity best practices.  

However, high trust levels could be leaving businesses and their supply chains vulnerable to threats, with the research showing 34 percent are not regularly monitoring suppliers or conducting risk assessments, and an identical 34 percent claim to have full and detailed insight into their supply chain’s cybersecurity.

Despite businesses understanding that security threats are growing, with 68 percent expecting attacks to become more severe in the next 12 months, the data suggests a lack of awareness about the impact that a supplier attack could have on day-to-day business operations. Surprisingly, 21 percent of organizations surveyed believe they wouldn’t be affected if a key supplier was unable to operate for five days.   

Mike Maddison, CEO of NCC Group said: “Global supply chains are the engine of modern business, so it is critical that their security is a priority for leaders, especially when global ransomware levels are at a record high this year. The outbreak of high profile supply chain attacks we have seen this year must be taken as a wake up call. 

"These attacks have real world consequences, delaying medical procedures, grounding flights, leaving shelves empty and putting the economy and jobs at risk. In the face of such a threat, it is shocking that 92 percent of respondents trust their suppliers to follow cyber security best practices.”

Among other findings:

  • 45 percent of suppliers say the cost of cybersecurity measures is the greatest pain point in regards to cybersecurity and compliance.
  • Only 36 percent say they have visibility over how their supply chain stores and protects business-critical data relating to their organization.
  • 59 percent are concerned about the level of visibility they have over their supply chain.

The findings come as more stringent cyber security regulation has been introduced globally to boost resilience strategies. This includes the UK’s Cyber Security Resilience Bill, as well as the EU’s NIS2 Directive and the Digital Operational Resilience Act (DORA).  

Increased regulation is welcomed by businesses, with 90 percent confident that cyber security standards and policies reduce the risk of supply chain attacks. Yet, the introduction of more legal frameworks could make managing supply chains more complex for global businesses.  

Related Stories
Computer Security 531607572 6000x4000 (1)
Cybersecurity
Why DNS Could Be the Best, Most Overlooked Cyber Defense
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
The Biggest Threat Isn’t the Zero-Day – It’s the N-Day
Cybersecurity
Cybersecurity
Innovation Without Cybersecurity Is Just Risk by Another Name
Ransomware
Cybersecurity
Manufacturing Continues to be Hit the Hardest
More in Cybersecurity
Cybersecurity
Automotive Ransomware Attacks More Than Doubled in 2025
More AI, expanded autonomous technologies and evolving threat actors are elevating cyber risks.
Automobile Cockpit, Various Information Monitors And Head Up Displays
Cybersecurity
SBOM Regs Rolled Back
The two Biden-era memoranda required agencies to obtain software security attestations before deployment.
Us Binary Flag Mirsad Sarajlic
Cybersecurity
Threats Targeting Employee Credentials Surge 389 Percent
Credentials are being stolen in as little as 14 minutes.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
Shadow AI Threats Grow
Productivity pressures are pushing many to bypass safeguards, increasing exposure to data leaks.
Insider Threat Leo Wolfert
Cybersecurity
Report Shows AI-Enabled Threats As Top Concern
AI could help hackers take greater advantage of visibility shortcomings.
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
The Domino Effect of a Data Breach
Here are some strategies to detect breaches faster and limit their capacity for damage.
Coding
Cybersecurity
AI Won’t Replace the Cybersecurity Workforce, But It Will Redefine It
AI is framed as a multi-faceted solution, but the conversation often goes off course.
Ai Your Photo
Cybersecurity
Security Breach: Strengthening Your Weakest Links
All the little things can kill a cybersecurity strategy, but there are ways to tie them all together.
Ep157
Cybersecurity
The Rise of Identity and Data Security Dependency
Predictions on what will shape industrial cybersecurity in 2026 and beyond.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
Securing the Edge in AI-Enabled Smart Factories
Growing data needs have manufacturers between a rock and a hard place.
Sase Supatman
Cybersecurity
How AI Is Transforming Cybersecurity Threats in 2026
Social engineering, deep fakes and more will benefit from the evolution of artificial intelligence.
Deepfake Orhan Turan
Cybersecurity
Inside The Mind of a Hacker
The report details how hackers are moving to a more collaborative, AI-enhanced approach.
General Cyberattack
Page 1 of 55
Next Page