Black Kite released its annual Third-Party Breach Report, which examines
the impact of third-party cyber breaches in 2022. The
level of breach impact and destruction was catastrophic, doubling in
2022 with 4.73 affected companies per vendor compared to 2.46 companies
per vendor in 2021. With 63 third-party breaches analyzed and at least
298 publicly disclosed victims last year alone, the magnitude of attack
continues to increase significantly, putting organizations at heightened
risk in 2023.

"Today's cyber landscape is riskier, costlier and more complicated than
ever before. Bad actors are capitalizing on global disruption with
destructive third-party breaches, allowing them to compromise multiple
victims in one fell swoop," said Bob Maley, CSO at Black Kite.
"Cybersecurity leaders must become as agile as the adversary, and that
begins with keeping a continuous pulse on your digital ecosystem's cyber
posture."

The report's key findings include:

- Unauthorized network access was the most common root cause of third-party attacks, initiating 40% of the third-party breaches last year. The rise is partially due to the remote work model that has become prevalent with the pandemic.
- Ransomware accounted for 27% of third-party breaches in 2022 - a decrease from 2021 due to Russian sanctions, which hinder the ability of Russian-based cybercriminals to act.
- The average time between an attack and the disclosure date was 108 days, with a 50% increase from 2021 - giving threat actors more time to cause significant damage with stolen data.
- Technical services vendors (providing infrastructure services) were the top target of third-party breaches. In the top three for a fourth consecutive year, these vendors were included in 30% of incidents.
- The healthcare industry was the most common victim of third-party breaches, accounting for 34% of incidents in 2022 - an increase from 2021 - followed by finance (14%) and government (14%).

"Global business ecosystems continue to get more complex, with every
organization increasingly impacted by the cybersecurity posture of their
partners, and their partners' partners, and so on," said Jeffrey
Wheatman, Cyber Risk Evangelist at Black Kite. "The reality is your
attack surface is much bigger than the stuff you can control. But the
good news is, you can assess and monitor your extended ecosystem to spot
vulnerabilities, take action and avoid catastrophe."

Black Kite provides third-party risk intelligence from a technical,
financial and compliance perspective to eliminate false positives and
ensure a holistic approach to vendor risk management. In addition to the
2023 Third-Party Breach Report, part of an annual research report
series, Black Kite offers in-depth industry analysis reports, ransomware
research, and more.