ScoutGet the App

Vendor Risk Is Concentrated, Report Finds

A new report on third-party breaches identifies risk concentration as the top reason for cascading supply chain failures. It found that breaches scaled because companies relied too heavily on the same structurally exposed vendors — a critical warning for retailers managing thousands of suppliers.

A related Black Kite report focusing specifically on retail and wholesale found that over 70% of major retailers and nearly 60% of wholesalers have exposed credentials. Attackers now view the retail and wholesale sectors as a single, interconnected system, exploiting their shared digital supply chains to maximize disruption. The risk concentration is highest in the digital ecosystem, where just two vendor categories—Professional & Technical Services and Information—account for a dominant share of third-party relationships, outnumbering physical suppliers significantly. For large retailers

Get your own daily briefing

Scout delivers personalized news, insights, and conversations tailored to your role and industry.

Download on the App Store

Shared from Scout - Be the smartest in the room.