Third-party attack vectors are responsible for 29% of breaches

Laptop with dark screen and green symbols

Image via Unsplash

A recent report by SecurityScorecard reveals that the exploitation of trusted third parties continues to be a prevalent security concern. According to the research, 98% of organizations are affiliated with a third party that has experienced a breach. Furthermore, third-party attacks have led to 29% of breaches.

The sectors with the leading volume of third-party breaches are healthcare and finance, which make up the highest and second-highest amounts, respectively. As for the internal percentage of third-party breaches, technology and telecommunications saw the highest amount at 43%.

The report suggests that healthcare has the highest volume in part due to its large ecosystem of third-party connections. Many third parties are associated with different aspects of healthcare, thus making this sector a common target. The more third parties an organization is associated with, the greater its risk for third-party attack vectors.

Software or other related technological products and services were responsible for 75% of the external relationships that led to third-party breaches. 25% of third-party breaches entailed non-technological products or services instead. When software or related technologies are compromised via a third party, malicious actors can often exploit vulnerabilities with minimal effort. The report advises security leaders to have third-party risk management plans in place to prevent and recover from these security breaches.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.