Every Link Matters:
The State of Supply Chain Security 2025
90% of UK security teams experienced at least one incident in their supply chain in the past year, while 10% experienced three or more
The supply chain threat landscape is evolving rapidly & traditional defences aren't keeping pace. This landmark study provides a comprehensive analysis of the supply chain security risk landscape facing the UK in 2025, based on data collected from over 500 cybersecurity professionals as well as proprietary risk insights.
36.8% of UK cyber security professionals identified the lack of visibility into supply chain dependencies as a key shortcoming
While 34.8% regard the lack of collaboration and information sharing with industry peers as a key shortcoming
62% organisations said that their TPRM function either only occasionally or rarely collaborate with their industry peers
Understand how leading organisations are adopting external intelligence and real-time monitoring to uncover risks that suppliers might not disclose or even know about.
Move your Third Party Risk Process from a reactive box ticking exercise to an active cyber defence discipline and help keep your company safe.
Gain insight into regulator's increased focus on identifying systemic risks to entire sectors, and how you can support their efforts.
What you will learn:
Chapter 1: The Rise of Supply Chain Attacks
What you’ll learn: Why supply chains have become the attacker’s easiest entry point — and how the threat landscape is rapidly changing. This chapter unpacks the frequency of attacks, and provides insides into the threat perception among UK cyber security professionals as well as which aspects of their supply chain they feel are most exposed.
Chapter 2: Is Third Party Risk Management Fit for a New Era of Supply Chain Threats?
What you’ll learn: Why traditional TPRM approaches based on manual processes are struggling to keep pace with the evolving threat landscape. This section digs into the biggest shortcomings flagged by UK cyber pros: lack of monitoring, poor visibility, and limited collaboration.
Chapter 3: Concentration Risks & the Importance of Supply Chain Visibility
What you’ll learn: Why seeing beyond your tier-one suppliers is critical, and how concentration risk and hidden dependencies can cause cascading disruption across entire sectors. This chapter explores how greater visibility supports resilience and aligns with regulatory expectations.
Chapter 4: How Collaboration Can Transform Supply Chain Resilience
What you’ll learn: How collaboration across organisations can uncover systemic risks, enables burden sharing, and helps build more resilient sectors. This section highlights the benefits of breaking down silos in third-party risk management.
This report is essential reading for CISOs, risk managers, supply chain leaders, and anyone responsible for securing third-party ecosystems. It offers an unfiltered view into how over 500 UK cyber security and risk professionals perceive the growing threat from supply chain attacks and what they’re doing about it.
You’ll uncover why traditional, siloed TPRM approaches are no longer enough, and how a more collaborative model is already taking shape in highly regulated industries.
The report also explores how deeper collaboration between organisations is enabling enhanced visibility across supply chains, revealing hidden dependencies and previously undetected systemic risks that could affect entire sectors. If you have any questions click here to get in contact with the team.
