IN Brief:
- Proxima research shows 51% of CEOs say their businesses could not maintain normal operations for more than three weeks after a major supply chain shock.
- CEOs are willing to accept an average 17.3% cost uplift to improve supply chain resilience.
- AI is gaining ground in supplier-risk monitoring, but data quality, skills, and ROI barriers remain.
Proxima research has found that CEOs are prepared to accept higher supplier costs to strengthen resilience, although many businesses remain exposed to major disruption, supplier concentration, and cyber risk.
The research shows that 51% of CEOs believe their businesses could not maintain day-to-day operations for more than three weeks if a major supply chain shock occurred immediately. The mean cost uplift CEOs are willing to accept to improve resilience stands at 17.3%, indicating that risk reduction is now being treated as a commercial investment rather than a procurement inefficiency.
Supplier exposure is substantial. A majority of CEOs said disruption to their top three suppliers for two weeks would place between 11% and 20% of revenue at risk, while almost a quarter put the exposure at between 21% and 40%. Those figures show how fragile parts of the operating model remain after several years of pandemic disruption, shipping volatility, geopolitical shocks, inflation, and cyber intrusion.
The findings align with a broader procurement shift from cost removal toward risk-balanced supply design. Supplier diversification and AI-led resilience work in China has shown how alternative sourcing, trade intelligence, digital control, and physical flexibility are becoming more important than simple localisation. Proxima’s research points to the same conclusion from the boardroom: resilience is now a quantified operating requirement.
Cyber risk is one of the most exposed areas. Nearly half of businesses in the research have experienced supply chain disruption caused by a cyber incident in the past 24 months, but only 35% have real-time visibility into the cyber risk of critical suppliers. That gap is difficult to defend when supplier systems are closely tied to orders, production planning, transport documentation, payments, and customer delivery.
AI is beginning to support supplier-risk monitoring, with 51% of CEOs seeing measurable value. Scaling remains constrained by data quality, skills shortages, and uncertainty over return on investment. That reflects a familiar problem in supply chain technology: businesses want predictive insight, yet the underlying supplier data is often incomplete, inconsistent, or trapped in separate systems.
The commercial challenge is deciding where resilience spend creates value. Paying 17.3% more for continuity may be rational where failure would stop production, breach service levels, or expose customers to shortages. The same uplift is harder to defend where supplier risk is poorly measured. Segmentation becomes essential. Critical inputs, high-margin products, regulated goods, and single-source dependencies need stronger controls than low-risk indirect spend.
Procurement teams are being pushed into a more analytical role as a result. They have to identify revenue at risk, map supplier dependencies, evaluate substitution options, test cyber exposure, and decide where redundancy is justified. That is a different discipline from annual price negotiation. It requires closer collaboration with operations, finance, legal, cyber security, and logistics.
The research also exposes the limits of visibility tools without organisational action. A dashboard showing supplier risk has limited value unless the business has alternate suppliers, buffer stock, engineering flexibility, contractual options, or customer allocation rules. Real-time visibility does not prevent disruption by itself; it shortens the time between warning and response.
Geopolitical risk is adding further pressure. Tariffs, sanctions, export controls, forced labour enforcement, and regional conflict can all alter supplier viability quickly. In that environment, supplier resilience cannot be reviewed once a year. Risk scores, sourcing decisions, and inventory policy need to move with changing conditions.
Board-level resilience also changes the internal status of procurement. When supplier failure can threaten revenue inside weeks, sourcing decisions become part of enterprise risk management rather than a back-office cost function. That should give procurement teams more authority, but it also raises expectations around evidence, scenario planning, and measurable protection.
The boardroom is now putting a price on resilience. The harder task is converting that budget into disciplined supplier architecture. Businesses that simply pay more for the same fragile supply base will not become more resilient. Those using the spend to improve visibility, diversify critical sources, harden supplier cyber controls, and connect procurement decisions to operational risk will be better placed when the next shock arrives.



