Report by Bitsight
Under the Surface: Uncovering Cyber Risk in the Global Supply Chain
7 Findings · Published Mar 17, 2025
Key Findings
ByteDance Group (TikTok's parent company) is connected to 35.4% of the U.S. market.
Bitsight · Under the Surface: Uncovering Cyber Risk in the Global Supply Chain · Mar 17, 2025
Chinese state-linked entities · US
Providers outperform consumers in four of six security standards – including DMARC, SPF, DKIM, and DNSSEC.
Security standards · DMARC · SPF · DKIM · DNSSEC
Providers lag behind consumers in areas such as patch management, open ports, insecure systems, and botnet infections.
Patch management · Open ports · Botnet · System security
Technology providers use 2.5x more products than consumers.
Technology
Technology providers have 10x more internet-facing assets than consumers.
Internet-facing · Technology
One-third of the U.S. supply chain relies on software or services from companies formally designated by the Department of Defense as "Chinese Military Companies".
Chinese state-linked entities · Supply chain · US
Two-thirds of the U.S. supply chain depends on companies with at least expected ties to Chinese state-linked entities.
Chinese state-linked entities · Supply chain · US