PHILIPPINE organizations are among the least mature in the region in implementing third-party cyber risk management (TPRM) despite their increasing vulnerability to cyberattacks, according to US-based cyber defense company BlueVoyant.
According to a survey presented in its State of Supply Chain Defense Report, BlueVoyant said only 23% of organizations in the Philippines have an established or optimized TPRM, the lowest globally.
This compares to 32% of Asia-Pacific organizations that have an established TPRM system.
The survey also showed that 64% of Philippine organizations rarely or sometimes used dedicated third-party risk management platforms.
Meanwhile, 100% of Philippine organizations surveyed said they were negatively impacted by a supply chain–related cyber breach in 2025, with 40% experiencing at least two breaches via third parties last year.
“As vendor ecosystems expand and operational dependencies deepen, the findings underscore the urgent need for organizations to enhance program maturity to manage critical supply chain risks,” BlueVoyant said.
Key barriers that Philippine organizations experience include the internal…
