Cybersecurity a key theme for chief supply chain officers

Gartner survey shows 60% of supply chain organizations are rapidly scaling cybersecurity capabilities.

Subscriber: Log Out

By 2025, 60% of supply chain organizations will use cybersecurity risk as a significant determinant in conducting third-party transactions and business engagements, according to Gartner, Inc. As the surface area of digital supply chains expands, enhanced cybersecurity is a key theme that chief supply chain officers (CSCOs) will look to scale this year.

“Our survey data has shown an aggressive stance among CSCOs who are looking to invest in growth through multiple new technologies,” said Brian Schultz, senior director analyst in Gartner’s Supply Chain Practice. “However, each new technology introduces new partners, vendors and service providers into the digital supply chain. The implication for cybersecurity risk is an ever-growing number of new pathways to potential attacks from malicious parties.”

Gartner surveyed 499 supply chain leaders between October and December of 2022 and identified the top supply chain technology trends for 2023. On average, respondents indicated that 73% of their supply chain IT budgets will be allocated to driving business growth and enhancing performance.

Based on the survey data, Gartner projects that one third of supply chain organizations will utilize industry cloud platforms by 2026 and predicts rapid growth in the use of composable application architecture, both of which will primarily rely on the use of external vendor support.

“CSCOs are under pressure to reduce costs, mitigate external disruptions and keep up with a rapidly changing technology landscape,” said Schultz. “In evaluating new technologies to drive growth and manage costs, a revamped approach to third-party risk assessment will be necessary to inform buying decisions, as a successful cyberattack on the supply chain is almost unique in its position to undo nearly all of the key objectives of CSCOs this year.”

Cyber-resilience policies under scrutiny

CSCOs’ focus on cybersecurity is being driven by more factors than just an increasingly digital supply chain. Concerns about digital supply chain vulnerabilities are coming from C-Suite partners, boards, government regulators and customers. The result is to put CSCO’s cyber-resilience policies under the spotlight like never before.

According to Schultz, CSCOs will need to revamp their third-party risk assessments of outside partners as part of a larger cybersecurity program with clear standards developed in collaboration with risk owners across the C-Suite, including the CIO, CISO and internal audit. The standards in the plan should specifically address:

Up-to-date third-party cybersecurity standards

Mechanisms for enforcement of these standards in contractual language via executed and amended contracts

The development of an audit program to enforce the supply chain cybersecurity plan.

“A supply chain cybersecurity program will play a significant role in future buying decisions and third-party risk mitigation,” said Schultz. “In addition, regular audit data from a supply chain cybersecurity program can serve as key performance indicators that can be reported to the board, auditors and business partners.”

About Gartner Supply Chain Symposium/Xpo

Attendees of the Gartner Supply Chain Symposium/Xpo in Orlando, FL can learn more in the session: “Combating Enterprise and Ecosystem Cyber Security Threats” on Tuesday, May 9.

Gartner experts will discuss key issues facing the industry during Gartner Supply Chain Symposium/Xpo. The conference delivers the must-have insights, strategies and frameworks for CSCOs and supply chain leaders to drive impact within their organizations. Supply chain leaders will gather to gain a strategic view of the trends disrupting their business and the insights and frameworks they can use to prepare for disruption, enable digital transformation and build sustainability as a competitive advantage.

Upcoming dates and locations for Gartner Supply Chain Symposium/Xpo include:

May 8-10: Orlando

June 5-7: Barcelona.


Latest Podcast
Talking Supply Chain: The last-mile tech advantage
Last-mile delivery success depends on many aspects of the supply chain to work effectively together, but none is more important than the…
Listen in


Supply Chain Management Review delivers the best industry content.
Subscribe today and get full access to all of Supply Chain Management Review’s exclusive content, email newsletters, premium resources and in-depth, comprehensive feature articles written by the industry's top experts on the subjects that matter most to supply chain professionals.



Sourcing & Procurement

Inventory Management Risk Management Global Trade Ports & Shipping

Business Management

Supply Chain TMS WMS 3PL Government & Regulation Sustainability Finance

Software & Technology

Artificial Intelligence Automation Cloud IoT Robotics Software

The Academy

Executive Education Associations Institutions Universities & Colleges


Podcasts Webcasts Companies Visionaries White Papers Special Reports Premiums Magazine Archive


SCMR Magazine Newsletters Magazine Archives Customer Service

Press Releases

Press Releases Submit Press Release