In survey of more than 1,000 executives, 44.9% expect an increase in number and size of cyber events targeting their organizations’ supply chains in year ahead; 33.8% say their organizations experienced one or more cybersecurity events during past year

NEW YORK , September 25, 2023 (press release) –

Of over 1,000 C-suite and other executives, almost half (44.9%) expect an increase in the number and size of cyber events targeting their organizations’ supply chains in the year ahead, according to a new Deloitte poll.  The expected increase seems to indicate higher go-forward concerns, as just 33.8% of respondents say their organizations experienced one or more supply chain cybersecurity events during the past year.

“While negative cyber events—like any business disruption—can be the most powerful catalyst for improvement, we see leading organizations working to build more proactive capabilities to detect and mitigate potential cyber threats in their supply chains,” said Sharon Chand, a Deloitte Risk & Financial Advisory principal and cyber risk secure supply chain leader, Deloitte & Touche LLP. “It’s not a simple feat but aiming to achieve greater supply chain visibility and third-party cyber risk management can help bolster and speed organizations’ post-incident recovery and resilience.”

Part of improved supply chain visibility can include third-party risk assessments. While nearly half of respondents’ organizations conduct third-party risk assessments prior to new vendor engagement (46.5%), just 29.1% of that group also repeat those assessments at least annually as well. Unfortunately, 20.9% of respondents say their organizations do not conduct third-party risk assessments to support broader supply chain security.

Chand continued, “Third-party risk assessments can range from conducting surveys of those entities’ practices to requesting software bills of materials (SBOMs) for components of larger products. But in order to ask such things of your third parties, you need to have the infrastructure in place to process their inputs. Building such capabilities can help organizations protect their supply chains and defend against future security threats.”

About the online poll
Over 1,020 C-suite and other executives were polled during a recent webcast, titled “Supply chain security: Building resiliency and mitigating risks,” on June 20, 2023. Answer rates differed by question.

About Deloitte
Deloitte provides industry-leading audit, consulting, tax and advisory services to many of the world’s most admired brands, including nearly 90% of the Fortune 500^® and more than 8,500 U.S.-based private companies. At Deloitte, we strive to live our purpose of making an impact that matters by creating trust and confidence in a more equitable society. We leverage our unique blend of business acumen, command of technology, and strategic technology alliances to advise our clients across industries as they build their future. Deloitte is proud to be part of the largest global professional services network serving our clients in the markets that are most important to them. Bringing more than 175 years of service, our network of member firms spans more than 150 countries and territories. Learn how Deloitte’s approximately 457,000 people worldwide connect for impact at www.deloitte.com.

* All content is copyrighted by Industry Intelligence, or the original respective author or source. You may not recirculate, redistrubte or publish the analysis and presentation included in the service without Industry Intelligence's prior written consent. Please review our terms of use.