Report by Bitsight

Under the Surface: Uncovering Cyber Risk in the Global Supply Chain

7 Findings | Published Mar 17, 2025
Key Findings

ByteDance Group (TikTok's parent company) is connected to 35.4% of the U.S. market.

Chinese state-linked entities, US

Providers outperform consumers in four of six security standards – including DMARC, SPF, DKIM, and DNSSEC.

Security standards, DMARC, SPF, DKIM, DNSSEC

Providers lag behind consumers in areas such as patch management, open ports, insecure systems, and botnet infections.

Patch management, Open ports, Botnet, System security

Technology providers use 2.5x more products than consumers.

Technology

Technology providers have 10x more internet-facing assets than consumers.

Internet-facing, Technology

One-third of the U.S. supply chain relies on software or services from companies formally designated by the Department of Defense as "Chinese Military Companies".

Chinese state-linked entities, Supply chain, US

Two-thirds of the U.S. supply chain depends on companies with at least expected ties to Chinese state-linked entities.

Chinese state-linked entities, Supply chain, US