In this third annual report, the Black Kite Research team examined the impact of third-party breaches that occurred in 2021. The focus remains on understanding the emerging vulnerabilities that cybercriminals seized on, as well as the target industries that fell victim to breaches stemming from a lack of due diligence.
Black Kite Research analyzed 81 individual third-party incidents, which ultimately led to more than 200 publicly disclosed headline breaches and thousands of other inherent ripple-effect breaches throughout 2021.
They studied why certain industry sectors were more susceptible to attack, as well as which vendors were themselves most vulnerable to the initial breach.
Additional predictive intelligence on a subset of 63 vendors also shows how an organization’s cyber posture improved when motivated to monitor and deploy security measures.
Download your copy of the Third-Party Breach Report 2022 and uncover the riskiest vendors and the top attack methods from 2021’s headline breaches.
Key Report Findings:
- Ransomware became the most common attack method in third-party attacks, initiating 27% of breaches analyzed in 2021.
- Software publishers were the most common source of third-party breaches for a third consecutive year, accounting for 23% of related incidents.
- The average time between an attack and the disclosure date was 75 days.
- The healthcare industry was the most common victim of attacks caused by third parties, accounting for 33% of incidents in 2021.
Start, Grow and Optimise Your TPRM Program Today

Black Kite’s automated compliance correlation has helped hundreds of organisations save time, money and resources by automatically measuring PCI compliance levels for any vendor within their cyber ecosystem.
Register Now and receive a complimentary Technical, Financial, and Compliance rating of your company or any supplier in your ecosystem.
Or for more information on how DVV Solutions can mature and scale your Third Party Risk and Compliance Program:
Call Us: +44 (0) 161 476 8700
About Black Kite
Black Kite redefines vendor risk management with the world’s first global third-party cyber risk monitoring platform, built from a hacker’s perspective. With 300+ customers across the globe and counting, we’re committed to improving the health and safety of the entire planet’s cyber ecosystem with the industry’s most accurate and comprehensive cyber intelligence.
While other security ratings service (SRS) providers try to narrow the scope, Black Kite provides the only standards-based cyber risk assessments that analyse your supply chain’s cybersecurity posture from three critical dimensions together: technical, financial, and compliance.