Vendor Risk Is Concentrated, Report Finds
What happened
A new report on third-party breaches identifies risk concentration as the top reason for cascading supply chain failures. It found that breaches scaled because companies relied too heavily on the same structurally exposed vendors — a critical warning for retailers managing thousands of suppliers.
Why it matters
A related Black Kite report focusing specifically on retail and wholesale found that over 70% of major retailers and nearly 60% of wholesalers have exposed credentials. Attackers now view the retail and wholesale sectors as a single, interconnected system, exploiting their shared digital supply chains to maximize disruption. The risk concentration is highest in the digital ecosystem, where just two vendor categories—Professional & Technical Services and Information—account for a dominant share of third-party relationships, outnumbering physical suppliers significantly. For large retailers
Key numbers
- A related Black Kite report focusing specifically on retail and wholesale found that over 70% of major retailers and nearly 60% of wholesalers have exposed credentials.
Quick answers
What happened in Vendor Risk Is Concentrated, Report Finds?
A new report on third-party breaches identifies risk concentration as the top reason for cascading supply chain failures. It found that breaches scaled because companies relied too heavily on the same structurally exposed vendors — a critical warning for retailers managing thousands of suppliers.
Why does Vendor Risk Is Concentrated, Report Finds matter?
A related Black Kite report focusing specifically on retail and wholesale found that over 70% of major retailers and nearly 60% of wholesalers have exposed credentials. Attackers now view the retail and wholesale sectors as a single, interconnected system, exploiting their shared digital supply chains to maximize disruption. The risk concentration is highest in the digital ecosystem, where just two vendor categories—Professional & Technical Services and Information—account for a dominant share of third-party relationships, outnumbering physical suppliers significantly. For large retailers
