Overview
- Panorays’ 2026 poll of 200 U.S. CISOs reports that only 15% have full supply-chain visibility, while 60% saw more third-party incidents over the past year.
- AI suppliers are viewed as uniquely risky, yet just 22% have formal vetting for AI tools.
- Uptake of AI-driven third-party risk tooling jumped from 27% to 66% year over year, lifting reported full visibility from 3% to 15% but leaving major gaps.
- Legacy governance platforms and static questionnaires are falling short, with 66% calling GRC ineffective for dynamic supply-chain risk and 71% saying questionnaires miss the mark.
- Oversight rarely extends beyond direct vendors and preparedness lags: only 41% monitor fourth and fifth parties and just 21% maintain tested response plans, even as regulatory scrutiny rises.