Supply chain risk in cybersecurity refers to the potential vulnerabilities and threats that exist within the various entities and processes that make up the supply chain of a company's technology and information systems. This can include everything from the vendors and manufacturers of hardware and software, to the logistics companies that transport and store the products, to the service providers and third-party contractors that manage and maintain the systems.