Adversaries Use Third-Party Vulnerabilities to Enhance Stealth, Speed, and Impact of Ransomware Attacks, Reports Intelligent CISO

Published:

spot_img

Research Findings on Concentrated Cyber Risk and Resilience in a Global Economy

SecurityScorecard, in partnership with McKinsey & Company, has released alarming findings from its latest research on cyber risk. The report, titled “2024 Redefining Resilience: Concentrated Cyber Risk in a Global Economy Research,” highlights the extreme concentration of cyber risk in just 15 vendors, posing significant threats to national security and global economies.

According to Dr. Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard, the reliance on a handful of vendors is akin to a precarious house on a cliff edge, creating potential single points of failure in the global economy. The research also reveals a surge in adversaries exploiting third-party vulnerabilities to carry out supply chain cyberattacks with maximum stealth, speed, and impact.

The study identified that 150 companies account for 90% of the technology products and services across the global attack surface, with 41% of them showing evidence of compromised devices in the past year. Additionally, 62% of the external attack surface is concentrated in the products and services of just 15 companies, which have below-average cybersecurity risk ratings, increasing the likelihood of breaches.

In response to these findings, experts recommend four key steps to mitigate supply chain cybersecurity risks, including identifying single points of failure, continuously monitoring the attack surface, detecting new vendors automatically, and operationalizing vendor cybersecurity management.

Charlie Lewis, Partner at McKinsey, emphasized the need for companies to consider the broader system of their cyber ecosystem and build mutual support with peers, competitors, and vendors to enhance resilience against cyber threats. The research underscores the critical importance of addressing vulnerabilities in third-party relationships to safeguard against cyber risks in the interconnected digital landscape.

spot_img

Related articles

Recent articles

Weekly Roundup: Eid Al Adha 2025 Dates, UAE Petrol Price Changes, New Tax Rule, and Dubai Real Estate Tokenization

UAE Eid Al Adha Holiday Dates Announced The United Arab Emirates has officially revealed holiday dates for Eid Al Adha, providing a timely update for...

ConnectWise Cyberattack: Nation-State Actor Suspected in Targeted Breach

ConnectWise Investigates Cyber Attack on ScreenConnect Date: May 30, 2025 Author: Ravie Lakshmanan Tags: Vulnerability, Data Breach Overview of the Incident ConnectWise, known for its remote access and support...

ASUS Enhances Business Computing with the ExpertCenter P400 All-in-One

Unveiling the ASUS ExpertCenter P400 AiO: A Fusion of Performance and Elegance In a world where efficiency meets aesthetics, ASUS has introduced the ExpertCenter P400...

Botetourt County Schools Cybersecurity Breach Exposed on Dark Web

Botetourt County Public Schools Faces Cybersecurity Concerns Recent Cybersecurity Attack Raises Alarms Botetourt County Public Schools (BCPS) recently notified families about a cybersecurity breach that has...