Multi-party breaches vs third-party related incidents

Ana Sayfa — Blog — Multi-party breaches vs third-party related incidents

Geri

30.09.2021

A sophisticated network of digital interconnections causes the unavoidable growth of multi-party data breaches.

According to the research released by Cyentia Institute and RiskRecon and based on the analysis of 897 multi-party data breach incidents which have happened since 2008.

The most awful multi-party data breach brings 26 times bigger financial loss than the most terrible single-party one might cause.

Multi-party breaches are also known as ripple events — incidents which cover more and more organisations and keep affecting them one by one even after some time. It usually takes almost a year for a multi-party breach to harm 75% of businesses which were in any relation to the breach source.

The average number of companies involved in a ripple event is 4.

It’s like working with an unreliable contractor the systems of which have access to your data but the proper security policies aren’t introduced and there’s no data protection strategy implemented — in such case it doesn’t matter how good your own security rules are within your corporate perimeter and how sure you are about the level of compliance of your organisation, if the quality of risk management program of your contractor is much lower than your perfectly verified control tactics than your data simply can’t be safe.

That’s what happens with businesses impacted by a multi-party breach incident. Poor security measures taken by any party can affect companies which aren’t connected to this “weak spot operator” directly but are interrelated with it via some other service.

The widest damage is done when some service provider suffers a security issue, and the system, where the problem occurs, is focal to the provided services, i.e. centralised services. In this way the number of affected organisations can amount to hundreds.

Don't share your data with an organisation which doesn't take full responsibility for its protection and which doesn't comply with the recent information security requirements. Learn more why it is important to control third-party security policies.

BLOG LİSTESİNE DÖN

Bültenimize abone olun! Sektör trendlerini takip edin, veri sızıntıları ve siber olaylara karşı nasıl önlem alacağınızı öğrenin.

SearchInform ürünleri aşağıdaki kuruluşlar tarafından tanınmaktadır

Bizi takip edin:

Zorunlu Çerezler

Her zaman aktiftir. Bu çerezler, web sitemizin düzgün çalışması için gereklidir. Kişisel bilgi toplamazlar. Tarayıcınızın İnternet Ayarları bölümünden bu çerezlerin kaydını devre dışı bırakabilirsiniz.

Fonksiyonel Çerezler

Bu çerezler, örneğin web sitesinde hangi dili kullanmak istediğinizi hatırlamak gibi, gelişmiş işlevsellik ve kişiselleştirme sunmamıza olanak tanır.

Performans Çerezleri

Bu çerezler, sizin için en gerekli bilgilerin neler olduğunu anlamamıza yardımcı olur, böylece hizmetlerimizi ve web sitemizi geliştirebiliriz.

Üçüncü Taraf Çerezleri

Bu çerezler, diğer web sitelerinden içerik (örneğin resimler, reklamlar, metinler) yerleştirebilmemiz için üçüncü taraf kaynaklar tarafından oluşturulur.