The report finds AI embedded across every layer of the supply chain, spanning foundation model providers, cloud platforms, tooling, integrators, and end‑user applications. A provider breakdown reveals dense dependencies and vendor concentration. New AI technologies introduce systemic risks, including shared‑infrastructure exposure, opaque third‑ and fourth‑party links, uncertain data provenance and IP, and rapid model changes that outpace controls. The ecosystem is geographically concentrated, with most companies located in the US and Germany. Leaders should map AI dependencies, diversify vendors, and strengthen governance and risk oversight.

Join for free to read