"Damages Escalate Rapidly in Multi-Party Data Breaches"

New research from the Cyentia Institute explored the top 50 multi-party breaches, finding that the average large-sized breach involved 31 organizations and cost an average of $90 million, compared to the average loss of $200,000 due to a typical cybersecurity incident. Although system intrusions impacted the most organizations, ransomware and wiper incidents resulted in the greatest loss. Cyentia also found that attacks involving valid accounts and those that nation-state actors carried out, caused significantly greater damages per incident. These findings further emphasize the importance of companies increasing their efforts to ensure that their vendors and contractors are not opening their networks to attacks. The lesson learned from the largest multi-party breaches is that companies' cybersecurity and risk mitigation efforts must focus on attackers targeting businesses as well as those targeting third parties, which ripples down to vendors' clients. Wade Baker, the co-founder of Cyentia calls on organizations to approach risk management with more supply chain or third-party-centric thinking to help deal with nation-state actors or cybercriminal gangs. This article continues to discuss key findings from Cyentia's Information Risk Insights Study (IRIS). 

Dark Reading reports "Damages Escalate Rapidly in Multi-Party Data Breaches"