Listen to this Post
In the ever-evolving landscape of cybersecurity, organizations are increasingly aware of the risks posed by third-party vendors. A recent report by Resilience Cyber Insurance Solutions highlights a concerning shift in the frequency and scale of cyber-attacks, with third-party breaches playing a more significant role in driving up insurance claims, particularly those linked to ransomware. As companies shore up their own defenses, the vulnerabilities within their supply chains remain a prime target for cybercriminals, raising questions about the effectiveness of traditional security models and the shifting tactics of threat actors.
Cyber Insurance Data: The Rising Threat of Third-Party Breaches
Cyber insurance claims data reveals a worrying trend: while ransomware remains a leading cause of claims, much of the associated financial damage stems from breaches at third-party providers and vendors. In 2024, these third-party breaches and outages accounted for 31% of all cyber-related insurance claims, making them a significant driver of financial losses for the affected companies. Notably, the percentage of claims linked to material losses also increased, rising to 23%. This represents a shift from 2023 when third-party risks caused 37% of claims but didn’t result in financial damages.
The rise of third-party breaches highlights how cybercriminals are increasingly targeting organizations that may not have direct access to sensitive data but serve as a crucial part of larger supply chains. High-profile cases, such as the breaches at Change Healthcare, CDK Global, and PowerSchool, underscore the potential far-reaching consequences of these attacks. These incidents impacted a wide range of industries, including healthcare, automotive, and education, with devastating effects on day-to-day operations.
Key Insights from Cyber Insurance Data
- Ransomware and Third-Party Vendors: In 2024, ransomware attacks against vendors emerged as the largest category of claims, accounting for 13% of total claims and 18% of material claims. This shift underscores the growing vulnerability of organizations to attacks that originate from external partners.
-
Manufacturing and Transportation Are Hardest Hit: Industries like manufacturing and transportation suffered disproportionately from ransomware attacks. These sectors often depend on critical suppliers or operational technologies, which, when disrupted, can halt entire production lines or service operations.
-
Phishing Declines, but Risk Remains: While phishing attacks accounted for a smaller portion of claims in 2024 (down to 9% from 20% in 2023), the danger remains significant. Phishing often serves as the entry point for more damaging breaches, and the complexity of modern supply chains makes it harder to trace the origins of such attacks.
What Undercode Says: Analyzing the Shift in Cybersecurity Threats
The rise of third-party breaches represents a fundamental shift in how organizations must think about their cybersecurity posture. In years past, companies focused primarily on securing their own networks and data. However, as this data shows, cybercriminals are increasingly targeting suppliers and service providers, exploiting the interconnectedness of modern business operations.
This trend reflects broader changes in attack strategies. Rather than attacking directly, threat actors are using vendors as a gateway to access the primary target. By compromising a vendor, attackers can leverage downstream impacts to exert pressure on a broader set of businesses. This approach offers a higher likelihood of success, as it increases the number of potential victims and amplifies the financial stakes.
Additionally, industries that rely heavily on operational technology (OT) and complex supply chains—such as manufacturing, healthcare, and transportation—are particularly vulnerable to this kind of attack. A single breach in a supplier’s system can cause operational disruption that reverberates throughout the entire production or service process, often leading to expensive downtime and recovery efforts.
The shift toward ransomware targeting vendors also reflects the growing sophistication of cybercriminals. These attackers are not only aware of the vulnerabilities within individual companies but are also exploiting weaknesses within the supply chain, where security protocols may not be as robust. Companies may invest heavily in securing their own networks, but they often overlook the risks posed by third-party suppliers who may not have the same level of protection.
Phishing, while less directly responsible for claims, continues to be a significant entry point for attackers. The decline in phishing-related claims could be an indicator that organizations are improving their defenses or that phishing attacks are being masked by the larger, more damaging breaches occurring within the supply chain. Regardless, the fact that phishing is still present in many of these cases highlights the need for ongoing vigilance and employee training.
For cybersecurity professionals, this trend underscores the importance of a holistic approach to risk management. It’s not enough to secure only your organization’s assets. Companies must also ensure that their suppliers, service providers, and business partners adhere to strong cybersecurity standards. By adopting a more comprehensive view of cybersecurity that includes third-party risks, businesses can better prepare for and mitigate the impact of these increasingly sophisticated cyber threats.
Fact Checker Results
- Accuracy of Claims: The data presented aligns with broader industry trends, confirming that ransomware is increasingly a significant issue for both direct and third-party targets.
- Third-Party Risk: The rise of third-party breaches as a source of material losses is consistent with recent reports on supply chain security vulnerabilities.
- Phishing Trends: The decline in phishing-related claims is accurate, but the underlying risks remain significant and should not be underestimated.
References:
Reported By: https://www.darkreading.com/cyber-risk/third-party-risk-top-cybersecurity-claims
Extra Source Hub:
https://stackoverflow.com
Wikipedia: https://www.wikipedia.org
Undercode AI
Image Source:
OpenAI: https://craiyon.com
Undercode AI DI v2




