Measuring the impact of multi-party security breaches

October 6, 2021

Cyentia Institute and RiskRecon, a Mastercard company, released research that quantifies how a multi-party data breach impacts many other organizations in today’s interconnected digital world.

The study, “Ripples Across the Risk Surface” is based on an analysis of 897 multi-party breaches involving three or more interrelated companies. This second edition bolsters findings from the 2019 ripples report on the risks associated with third-party direct vendors and partners, in addition to the dangers posed by the rest of the supply chain.

Key findings from the report:

897 multi-party breach incidents, also referred to as ripple events, have been observed since 2008.
147 newly uncovered ripples were observed across the entire data set, with 108 occurring in the last three years.
A median ripple breach event causes 10x the financial damage of a traditional single-party breach.
The worst of the multi-party breach events causes 26x the financial damage of the worst single-party breach.
It takes 379 days for a typical ripple event to impact 75% of its downstream victims.
The median number of organizations affected by ripple events across the data set was 4.

According to the research, multi-party impacts can be multifaceted, but there are two primary ways they push ripples across industries and organizations:

WIDESPREAD THIRD-PARTY BREACH: This breach impacts multiple downstream organizations with a direct third-party relationship to the victim organization that generated the ripple event.
SUPPLY CHAIN BREACH: This refers to a breach exhibiting cascading impacts on the generator organization’s customers, such that the exposure at one or more third parties also exposes systems or data owned by Nth-party organizations with no direct relationship to the initial victim.

Researchers say these two categories are not mutually exclusive. What often happens with more significant ripple events is that a breach first impacts the flow to multiple organizations with third-party relationships to the generator and then pushes downstream to affect many of those organizations’ customers and their customers’ customers. Thus, many ripple events start as a widespread third-party breach that kicks off multiple supply chain breaches all at once.

This is the scenario that was witnessed most recently with the 2021 Kaseya ransomware event, wherein an attacker leveraged management software commonly used by managed service providers to simultaneously attack the client base of multiple companies at once.

The full Ripples Across the Risk Surface report can be downloaded here: https://www.riskrecon.com/report-measuring-the-impact-of-multi-party-breaches

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

Security Operations Centers (SOCs) are a crucial component of safety and security culture. They support many strategic business objectives, from lowering costs and minimizing risk to improving employee trust and morale.

Poll

Business Travel Security

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Measuring the impact of multi-party security breaches

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

Measuring the impact of multi-party security breaches

Related Articles

Related Products

Related Events

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.