Excerpt from IT Brief UK Article, Published on January 13, 2026
Security leaders worldwide are now placing supply chain risk at the forefront of cybersecurity agendas, according to new research from the World Economic Forum. The latest findings show that disruptions to third – party systems and supplier networks are among the most pressing challenges organisations face when trying to become more resilient in a rapidly evolving threat landscape.
The report highlights that a large majority of organisations see supply chain vulnerabilities as a significant barrier to cyber resilience. This trend, already visible in 2025, has only intensified as businesses adopt new technologies and expand third – party integrations.
Rob Demain, CEO of cybersecurity firm e2e – assure, told IT Brief UK that attackers are increasingly targeting weak links outside traditional enterprise perimeters. “Geopolitical cyber risk is increasingly realised through supply chains rather than direct attacks,” he said, pointing to software vendors, outsourced services, and operational technology partners as common exposure points.
The rise of AI is compounding these concerns. While 94% of organisations expect artificial intelligence to be the biggest driving force for change in their cybersecurity strategies, many also lack the governance and deep visibility needed for secure deployment. Demain stressed that AI should support security operations rather than replace them, and that rushed or poorly controlled adoption can introduce fresh vulnerabilities.
This tightening focus on third – party risk comes as regulatory expectations rise. In the UK, updates to frameworks like the Cyber Security and Resilience Bill, CSRB, and NIS2 alignment are pushing boards to treat supply chain resilience as a core part of their corporate responsibility. Organisations are therefore accelerating efforts to monitor external environments, improve visibility across partner networks, and detect issues before they cascade into larger incidents.
Security teams are also being advised to embed continuous oversight and more active threat management throughout their extended ecosystems. CIOs and CISOs are now balancing investment in AI – enabled tools with governance frameworks that help manage complex third – party exposures and tighten controls without slowing innovation.
To delve deeper into this topic, Visit IT Brief UK.
