Cybersecurity

Third-party vendors pose serious cybersecurity threat to national security


In this Help Net Security video, Paul Prudhomme, Principal Security Analyst at SecurityScorecard, discusses the findings of the 2024 Redefining Resilience: Concentrated Cyber Risk in a Global Economy Research report.

This research details a surge in adversaries exploiting third-party vulnerabilities and uncovers an extreme concentration of cyber risk in just 15 vendors, posing a serious threat to national security and global economies.

Key findings include:

  • 150 companies account for 90% of the technology products and services across the global attack surface.
  • 41% of those companies had evidence of at least one compromised device in the past year.
  • 11% had evidence of a ransomware infection in the past year.
  • 62% of the global external attack surface is concentrated in the products and services of just 15 companies.
  • The top 15 third parties have below-average cybersecurity risk ratings – indicating a higher likelihood of breach.
  • Ransomware operators Cl0p, LockBit, and BlackCat systematically target third-party vulnerabilities at scale. State-sponsored threat actors can find an internet-facing device within five minutes of connecting it.



Source

Related Articles

Back to top button