Supply chain cyber risk is now a top concern for managed service providers (MSPs) and their customers, according to new research from CyberSmart.
The cyber risk management provider’s 2026 MSP Survey found that 43% of MSPs and their customers experienced a cyber incident caused by or originating from a supplier or third-party vendor during the last 12 months.
Conducted by OnePoll, the research gathered responses from 350 MSP leaders across the UK and Ireland spanning a range of industries and customer sizes.
The results suggest that MSPs are becoming increasingly exposed to supply chain risk due to their privileged access to customer environments – making them attractive targets for cyber criminals seeking to use them as a gateway to potentially hundreds of organizations.
Among the respondents that experienced a supply chain incident, 39% said the breach affected only the customer, while 16% said it only affected the MSP. Meanwhile, 39% said both were impacted.
According to CyberSmart, this means over half (55%) of incidents involved the MSP in some capacity.
Despite this figure, the research found that 55% of MSPs still do not monitor for supply chain risk –…
