This whitepaper analyzes independent data gathered on over 800 multi-party cyber-incidents observed over the last decade. These so-called ‘ripple events’ are different to traditional security breaches because they don’t just impact a single organization, but spawn secondary loss events affecting thousands of organizations downstream in the supply chain.
Multi-party losses are increasing in frequency and losses incurred by these ripple events are much higher than single-party incidents.
Key takeaways of this research:
- The median financial loss from multi-party cyber incidents is 13-times larger than losses from single-party incidents
- Multi-party incidents are becoming more common over time
- While the average ripple event impacts fewer than 10 firms beyond the original victim, they can swell much wider than that
- Collection agencies, banks and lenders, credit bureaus, government offices and IT firms account for half of organizations that generate ripple events
- SMBs are more likely to be on the receiving end of multi-party incidents originating from larger enterprises
