A recent report by SecurityScorecard reveals that the exploitation of trusted third parties continues to be a prevalent security concern. According to the research, 98% of organizations are affiliated with a third party that has experienced a breach. Furthermore, third-party attacks have led to 29% of breaches. 

The sectors with the leading volume of third-party breaches are healthcare and finance, which make up the highest and second-highest amounts, respectively. As for the internal percentage of third-party breaches, technology and telecommunications saw the highest amount at 43%.

The report suggests that healthcare has the highest volume in part due to its large ecosystem of third-party connections. Many third parties are associated with different aspects of healthcare, thus making this sector a common target. The more third parties an organization is associated with, the greater its risk for third-party attack vectors.

Software or other related technological products and services were responsible for 75% of the external relationships that led to third-party breaches. 25% of third-party breaches entailed non-technological products or services instead. When software or related technologies are compromised via a third party, malicious actors can often exploit vulnerabilities with minimal effort. The report advises security leaders to have third-party risk management plans in place to prevent and recover from these security breaches.