Companies are rethinking their view of supply chain risk in 2025, shifting from episodic crisis response to continuous, data-driven vigilance. The newly published WTW Global Supply Chain Risk Survey 2025, covering 1,000 senior executives at firms with revenues above $250 million, reveals that boardrooms now rate geopolitical turbulence, inflation, and cyber exposure ahead of pandemic disruption. Yet just 8% of respondents claim “full control” over their risk landscape, while nearly two-thirds say losses still exceed expectations.
Geopolitics and Cybersecurity Top the Agenda
Geopolitical instability is now the top concern for 19% of companies, up from 14% two years ago, reflecting rising tensions, export controls, and regulatory uncertainty. Inflation ranks second at 18%, driven by higher procurement and transport costs. Cyber risk jumped sharply, with 16% citing it as a top threat, more than triple the 2023 figure. Raw-material shortages and regulatory volatility each doubled to 14%, highlighting how carbon-border taxes and forced-labor rules are tightening compliance screws.
To counter this volatility, firms report deeper cross-functional collaboration and wider use of digital mapping tools that illuminate multi-tier dependencies. According to the study, adoption of real-time supply-chain visibility software has grown 27% since 2023, while parametric insurance, policies that pay out automatically when a defined event threshold is breached, has entered mainstream consideration for 30% of respondents. These moves hint at a market preparing for shocks that traditional coverages and after-the-fact claims handling struggle to address.
Shift Toward Internal Risk Ownership
While insurance remains part of the equation, more firms are building internal risk capabilities. About one-third now have dedicated supply chain risk teams reporting to both finance and operations, up from 20% in 2023. Executives are also prioritizing scenario planning, real-time data, and supplier risk scoring.
Environmental and labor regulations are adding pressure. New rules, such as the EU’s supply chain due diligence law, are forcing companies to track risk across deeper tiers and tie mitigation to compliance.
Fewer companies are focused on pandemic-era concerns like remote work, which has dropped as a priority. Instead, many are turning attention to supplier cybersecurity and digital coordination, with nearly half planning to require joint incident drills by 2026.
The Blind Spot in Risk Digitization
While many companies are investing in supply chain visibility and modeling, fewer are addressing the execution gap that follows. Knowing where a risk sits does not guarantee a timely or coordinated response, especially when supplier contracts lack enforceable response standards or shared incident protocols. As firms refine their digital infrastructure, the next step is aligning risk signals with binding action across tiers. Without this, visibility may simply accelerate awareness of failures, not prevent them.
