Gartner Says Supply Chain Cybersecurity is at Peak of Inflated Expectations

Supply chain cybersecurity has reached the Peak of Inflated Expectations, while generative AI (GenAI) is in the Trough of Disillusionment and presents an added threat to secure supply chains, according to Gartner Inc., a business and technology insights company.

“The large number of multitier partners in an organization’s supply chain has made managing third-party cyber risk a daunting task,” said Mark Atwood, Managing VP, Research, with the Gartner Supply Chain practice. “The rapid expansion of threats continually challenges cybersecurity and supply chain teams to keep pace, while the growing use of GenAI among trading partners increases the risk of data breaches and intellectual property leakage.”

The Gartner Hype Cycle for Supply Chain Strategy, 2025 helps chief supply chain officers (CSCOs) make smarter investments and strategic decisions by identifying emerging, hyped and proven supply chain technologies, competencies and business models. It highlights the most important capabilities, detailing their maturity, business impact and potential challenges, and provides actionable guidance for effective adoption.

Gartner Hype Cycles provide a graphic representation of the maturity and adoption of technologies and applications, and how they are potentially relevant to solving real business problems and exploiting new opportunities. Gartner Hype Cycle methodology gives a view of how a technology or application will evolve over time, providing a sound source of insight to manage its deployment within the context of specific business goals.

The Gartner Hype Cycle for Supply Chain Strategy showed that machine learning (ML)-based AI is nearing the Slope of Enlightenment, as explosive interest in agentic and GenAI solutions is accelerating the adoption of machine learning and logic-based reasoning to augment decision making at an unprecedented pace (see Figure 1).

Supply chain cybersecurity is a holistic and integrated approach to protecting the supply chain from threats such as ransomware, malware and similar attacks that can cause operational outages. As organizations increasingly recognize the importance of safeguarding supply chain operations, expectations for cybersecurity solutions have surged.

However, several obstacles make effective cybersecurity protection challenging, including:

• A lack of clarity around ownership and budget for identifying and managing cybersecurity risks.
• The breadth of supply chain IT and cyber-physical systems that require protection.
• The large number of multitier partners complicates visibility into and management of third-party cyber risk.
• GenAI use among trading partners increases the risk of data breaches and intellectual property leakage.
• Solutions force organizations to assemble multiple toolsets rather than rely on a single solution.

Atwood emphasized recommendations for CSCOs to manage third-party cyber risk, by first joining forces with the cybersecurity team in their organization. Together, both teams must define security specifications with high-value supply chain partners, then pass on those specifications through contract requirements.

GenAI technologies can create new content, strategies and designs by learning from large datasets, and supply chain technology providers are increasingly embedding GenAI capabilities into their solutions. This allows organizations to experiment with GenAI at lower risk and cost.

However, many supply chain organizations face significant obstacles, including the complexity of integrating GenAI with legacy systems, concerns over data security and intellectual property leakage, and the lack of clear governance frameworks to manage risks such as hallucinations or ethical issues. Many of these risks also contribute to concerns over supply chain cybersecurity.

“As more organizations grapple with the challenges of scaling GenAI pilots and integrating the technology into legacy systems, it will appear as less of a ‘silver bullet’ solution,” said Noha Tohamy, Distinguished VP analyst in Gartner’s Supply Chain practice. “However, the ongoing enthusiasm for GenAI’s potential, along with the emergence of agentic AI, has rapidly accelerated the progress we have seen with ML-based AI, which has evolved from an emerging technology to a key enabler of supply chain transformation.”

Tohamy noted that ML-based AI use cases now span planning, sourcing, manufacturing, logistics, and inventory management. The availability of tech solutions, best practices and implementation frameworks has made adopting ML-based AI less risky. As a result, CSCOs are moving beyond pilots and scaling AI across the enterprise to drive greater efficiency, resilience and customer enablement.

Gartner clients can read more in: Hype Cycle for Supply Chain Strategy, 2025.  Nonclients can learn more in: Supply Chain AI. 

About Gartner AI Use Case Insights
Gartner AI Use Case Insights is an interactive tool that helps technology and business leaders efficiently discover, evaluate, and prioritize AI use cases to potentially pursue. Clients can search over 500 use cases (applications of AI in specific industries) and over 380 case studies (real world examples) based on industry, business function, and Gartner’s assessment of potential business value. Clients can access the interactive tool at https://tools.gartner.com/use-case-insights.