Third-party risk was the dominant driver of cyber insurance claims and material losses in 2024, data from cyber risk solutions company Resilience has found.
Threat actors have a track record of exploiting a single point of failure in one company to create a cascading effect of disruption and chaos downstream, as evidenced by recent incidents including the PowerSchool, CDK and Change Healthcare breaches.
New cyber insurance claims data from Resilience’s portfolio illustrates the financial fallout this can have, finding that third-party risk, including ransomware and outages affecting vendors, accounted for 31% of all claims in 2024. Third-party risk led to claims with incurred losses for the first time, making up nearly a quarter (23%) of incurred claims in 2024.
“Third-party risk is...driving unprecedented losses," said Vishaal Hariprasad, co-founder and CEO of Resilience. "While this risk is often invisible until it’s too late, it’s now clear that the industry has reached a tipping point. Businesses can no longer afford to consider their partners’ vulnerabilities as siloed from their own. By understanding this new reality of shared risk, enterprises can make smarter business decisions and meaningfully mitigate material loss.”
See the Q1 2025 issue of CIR Magazine for our in-depth look at the cyber insurance market. Available here next week.
Printed Copy:
Would you also like to receive CIR Magazine in print?
Data Use:
We will also send you our free daily email newsletters and other relevant communications, which you can opt out of at any time. Thank you.
YOU MIGHT ALSO LIKE