Surge of cyber-attacks on supply chains represent new threat

Signs of relief but risks remain elevated

The survey asked procurement and supply professionals worldwide across industries including manufacturing, energy, healthcare, construction, government, and technology ranked risks and strategies on a 1–7 scale.

• Short-term concern (next 3 months): 4.36 out of 7 (down from 4.57 in Q2; equal to Q1 levels)
• 12-month concern: 4.86 out of 7 (down from 5.03 in Q2; still higher than all 2024 readings)

“Procurement professionals are telling us that the panic spikes of earlier this year have eased, but nobody is breathing easy. The fundamentals – tariffs, geopolitics, and global volatility – haven’t gone away,” said CIPS CEO Ben Farrell.

“Instead, leaders are recalibrating and focusing on longer-term resilience. What’s new is the rise of cyber threats, which have become just as disruptive as physical supply shocks. With attacks on firms like JLR and M&S making headlines, the message is clear: businesses must treat cyber security as a core pillar of supply chain resilience, or risk seeing their operations and reputations undermined overnight.”

Cyber threats emerging as new frontline risk

For the first time, CIPS asked about cyber security. Nearly one in three organisations (29%) reported an increase in cyber-attacks on their supply chains over the past six months, highlighting a new layer of risk beyond physical disruption. This warning comes amid a wave of high-profile breaches at major firms including JLR and M&S this year, underscoring that even household names are vulnerable. With supply chains now a prime target for hackers, procurement leaders stress that cyber resilience is no longer an IT issue but a boardroom imperative.

The Guardian newspaper reported on the findings of the CIPS 2025 Q3 Pulse, noting the need for businesses to invest in cyber resilience in the face of rising cyber-attacks.

The findings serve as a stark reminder that organisations must invest in robust digital defences to safeguard not only their operations but also consumer trust, as cyber threats increasingly rival geopolitical shocks and tariff disputes as the top risks facing global business.

New supply risks: technology and tariffs in the spotlight

While shipping and logistics continue to top the list of categories facing 10%+ input price increases (22% of respondents), computers and high-tech equipment surged into second place (19%) – a sharp shift from earlier quarters when chemicals and food dominated. Petroleum and transport equipment also remain elevated (16%).

For the first time, more than half (59%) of procurement teams report exploring local manufacturing or nearshoring as a direct response to tariff uncertainty. Renegotiating supplier contracts (54%) and consolidating spend for volume discounts (41%) also feature prominently in mitigation strategies.

“We are seeing a structural pivot in supply chains. Tariffs are no longer a theoretical risk – they’re reshaping where and how businesses source,” said CIPS’ global economist Dr John Glen. “The fact that nearshoring and contract renegotiation are leading strategies shows how procurement is moving from firefighting to long-term redesign.”

Tariff anxiety persists, but more firms adapting

• 34% of organisations say they are already being hit by new US tariffs, down from 44% in Q2.
• Nearly half (46%) are not yet impacted but are actively monitoring.
• Only 16% say they have not been affected at all.

Geopolitics still top concern, but inflation fades

Despite easing in immediate concern levels, geopolitical risk remains the single biggest 12-month concern (33%). Inflation dropped back sharply to 16%, while supplier instability (15%) and labour issues (10%) now rank higher than logistics disruption.

This marks a major shift from Q2, when two-thirds of respondents ranked geopolitics as their top risk and inflation sat at 41%.

Supply continuity: supplier diversification still dominant

Procurement leaders continue to pursue diversification above all else:

• Diversify supplier base: 5.38 (avg score out of 7)
• Extend contracts: 5.22
• Hold more stock: 4.36
• Streamline/reduce suppliers: 4.34

“The data tells us procurement is adapting fast. Nearshoring, contract renegotiation, and cyber defence are now everyday boardroom topics,” said Farrell. “The pressure may have eased slightly this quarter, but global supply chains remain fragile, and procurement leaders are still sounding the alarm.”