Choose Your Vendors Carefully: Third-Party Breaches Cause Up to 26 Times the Damage Compared to a First-Party Breach

A recent report found that multi-party breaches cause 10 times the financial damage of the worst single-party breach, and 26 times the damage in the most extreme case. What’s more, each incident exposed the personal data of millions of individuals. The report also concluded that business support and financial organizations were the two industries most likely to generate ripple events, where a breach of one party leads to a series of one or more additional breaches, resulting in downstream loss events. Combined, the professional and financial sectors are the source of more than 47% of all ripple events.

Now let’s break it down and talk about the cost of a single ripple event. When a single event occurs, it leads to a loss of $36 million, according to the report. Further, the report concluded that most costs are absorbed by the initial victim of a multi-party breach.

What does this mean in a nutshell? Simple: choose your vendors carefully. 

No organization is truly safe from a multi-party ripple event (aka breach). No matter your organization’s size, scope, or industry, allowing an outside company to access sensitive data, client information, employee details, etc., opens your organization to a potential security breach. The moral of the story is this: Choose your vendors carefully.

And when we say “choose carefully,” we mean it, without exception. We happily oblige when our clients ask if we (PK Tech) undergo a third-party audit for security reasons. In the spirit of IT security, it’s essential to leave no rock unturned.

How can my business protect itself moving forward? 

While you can’t possibly save your business from every third-party threat, you can take ownership over the risks that will directly impact your business the most. Minimize the likelihood of a potential “ripple event” by conducting IT security risk assessments at least annually. Depending on your industry and risk tolerance, consider using a separate qualified IT company to check your primary IT company’s work for security gaps.

If you feel like your organization is lacking in these areas or needs a team of experienced IT pros to build out a comprehensive IT security plan, PK Tech can help. We service a wide range of industries in the Greater Phoenix Area, from law firms to accounting firms to healthcare clinics to small businesses. One of our strengths is identifying the vulnerable entry points within your organization based on your size and sector and building the necessary IT security defenses to prevent a breach. Get in touch if you would like to speak with a PK Tech pro about your business today.