The data and insights in this report are based on an online survey conducted in November 2022 among 209 security and IT leaders and executives, security administrators, and compliance professionals in the U.S. from CRA’s Business Intelligence research panel. The objective of this study was to reveal organizations’ experience with cybersecurity attacks originating from third parties as well as their assessments of their supply chain visibility, and other issues related to managing third-party risk.