Supply-chain attacks have overtaken all other cyberthreats to become the most frequent issue confronting businesses over the past year, according to a comprehensive global study by Kaspersky. The research reveals that nearly one in every three companies has had to confront a supply-chain threat in the last 12 months, with exposure levels in regions such as Mexico, China, and Spain significantly exceeding the global average. This trend is mirrored by recent findings from the World Economic Forum, which cites third-party and supply-chain vulnerabilities as the single greatest barrier to cyber resilience in the modern, interconnected digital economy.
The study indicates that the impact of these threats is most acute for highly connected, large-scale organisations. Enterprises reporting the highest volume of software and hardware suppliers—often managing more than 100 vendors and granting system access to over 130 contractors—are facing the most significant risk. This vast ecosystem of interdependence facilitates “trusted relationship attacks,” where malicious actors exploit the legitimate, pre-existing connections between organisations, their suppliers, and their partners.
A Gap Between Perception and Reality
Despite the frequency of these attacks, the research uncovers a troubling disconnect: many business leaders tend to underestimate the danger of supply-chain breaches compared to more headline-grabbing threats like ransomware or Advanced Persistent Threats (APTs). Although over half of the respondents acknowledged that such attacks could lead to widespread operational disruption, only 9 per cent of global businesses ranked supply-chain vulnerabilities as their top security concern. This “acknowledgement gap” suggests that while supply-chain risk is understood in theory, it is rarely prioritised in actual strategic resource allocation or security planning.
“We’re operating in a digital ecosystem where every connection, every supplier, and every integration becomes part of our security profile,” said Sergey Soldatov, Head of the Security Operations Centre at Kaspersky. “As organisations grow more interconnected, their exposure to attacks grows with them. Protecting the modern enterprise now demands an ecosystem-wide approach that strengthens not just individual systems, but the entire network of relationships that keeps the business running.”
Strategy for Ecosystem-Wide Resilience
To mitigate these risks, Kaspersky advocates for a shift toward proactive, ecosystem-wide security management. The recommendations include:
Rigorous Supplier Evaluation: Thoroughly vetting new partners’ cybersecurity policies, incident histories, and compliance with industry standards, including penetration tests for cloud and software vendors.
Contractual Security Requirements: Mandating regular security audits and ensuring adherence to incident-notification protocols within all third-party agreements.
Preventive Technology Measures: Implementing the principle of least privilege, Zero Trust models, and mature identity management to limit damage if a supplier is compromised.
Continuous Monitoring: Utilising XDR or MXDR solutions for real-time infrastructure visibility and anomaly detection within network and software traffic.
Collaborative Incident Response: Developing IR plans that explicitly cover supply-chain attack scenarios, including procedures to immediately contain and disconnect compromised third-party access.
By treating every supplier connection as part of the internal security perimeter, organisations can begin to bridge the gap between theoretical understanding and active operational defence, ensuring greater resilience against this pervasive threat.
