Gartner says the landscape of supply chain cybersecurity has reached a critical juncture, described as the Peak of Inflated Expectations. Simultaneously, generative AI (GenAI) finds itself in the Trough of Disillusionment, presenting new threats that could jeopardise secure supply chains. This duality poses significant challenges for Chief Information Security Officers (CISOs) and supply chain leaders across Asia.
Mark Atwood, managing VP of research at Gartner, emphasised the complexity of managing third-party cyber risk in today’s interconnected supply chains.
“The large number of multitier partners in an organisation’s supply chain has made managing third-party cyber risk a daunting task. The rapid expansion of threats continually challenges cybersecurity and supply chain teams to keep pace, while the growing use of GenAI among trading partners increases the risk of data breaches and intellectual property leakage.” Mark Atwood
Source: Gartner 2025
The Gartner Hype Cycle for Supply Chain Strategy, 2025 serves as a crucial tool for Chief Supply Chain Officers (CSCOs), guiding them in making informed investments and strategic decisions.
The report highlights key technologies and competencies while detailing their maturity, business impact, and potential challenges. It provides actionable insights for effective adoption, helping organisations navigate the complexities of supply chain management.
While cybersecurity has become a priority for organisations aiming to protect their operations from threats like ransomware and malware, several obstacles remain. These include unclear ownership and budget for managing cybersecurity risks, the extensive range of supply chain IT and cyber-physical systems requiring protection, and the multitude of multitier partners complicating visibility and management of cyber threats.
To tackle these challenges, Atwood recommends that CSCOs collaborate closely with their cybersecurity teams. Together, they should define security specifications for high-value supply chain partners and incorporate these requirements into contracts.
The report also discusses the current state of GenAI in supply chains. While GenAI technologies offer the potential to create new content and strategies, many organisations struggle with integrating these solutions into legacy systems. Concerns regarding data security and intellectual property, along with the lack of governance frameworks, further complicate the landscape.
According to Noha Tohamy, distinguished VP analyst at Gartner: “As more organisations grapple with the challenges of scaling GenAI pilots and integrating the technology into legacy systems, it will appear as less of a ‘silver bullet’ solution.”
However, the emergence of machine learning (ML)-based AI is providing a pathway for supply chain transformation, enabling CSCOs to move beyond pilot projects to implement AI at scale.
As CISOs and supply chain leaders in Asia navigate these evolving challenges, the insights from Gartner’s report will be pivotal in shaping their strategies for resilience and security in an increasingly complex environment.
