Excerpt from SecurityInfoWatch.com Article, Published on Feb 14, 2025.
Black Kite’s latest Third Party Breach Report exposes the growing cybersecurity threats lurking within interconnected ecosystems. The sixth annual report, released by Black Kite, provides deep insights into public breaches, regulatory filings from 2024, and proprietary data gathered by the Black Kite Research and Intelligence Team (BRITE). According to Black Kite, healthcare organizations faced the highest impact, accounting for 41.2% of third-party breaches due to the high value of patient data and reliance on third-party providers. The report highlights how cybercriminals are exploiting systemic vulnerabilities, leveraging trusted vendor relationships to create large-scale disruptions across industries such as healthcare, retail, and logistics.
One of the most alarming findings from Black Kite is the rise of “silent breaches,” where hidden weaknesses in third-party networks allow attackers to bypass security measures undetected. The report reveals that unauthorized network access was responsible for over 50% of third-party breaches in 2024, with ransomware remaining the most disruptive cyber threat, accounting for 66.7% of known attack methods. Software vulnerabilities, especially zero-day exploits, continue to pose significant risks, targeting internet-facing network devices, operating systems, and widely used applications. Additionally, Black Kite notes that credential misuse is becoming a major threat, accounting for nearly 8% of breaches, fueled by public data breaches and dark web credential dumps.
Despite these challenges, Black Kite’s research provides hope, showing measurable improvements in cybersecurity postures after incidents. Healthcare vendors saw the most significant progress, with 62.5% improving security after a breach, largely driven by regulatory frameworks like HIPAA. As organizations deepen their reliance on third-party vendors, Black Kite urges companies to adopt proactive monitoring, conduct robust risk assessments, and strengthen vendor collaboration to mitigate future threats. The full Black Kite report provides a comprehensive analysis of 2024’s most significant breaches, offering valuable recommendations for building a resilient cybersecurity strategy in 2025.
To delve deeper into this topic, please read the full article SecurityInfoWatch.com.
