- Third party cybersecurity risks are a growing threat, according to complaints
- More than a third of all violations in 2024 were linked to third parties
- Retail and hospitality have been the most strongly struck
Third -party security problems are probably the biggest threat to which your business is facing, said new research.
The new report on global violations of 2025 of 2025 from SecurScorecard analyzed 1,000 violations in different industries and regions, and concluded that more than a third (35.5%) of all violations in 2024 were linked to third parties.
To make things worse, this figure is “probably conservative,” said the company, due to the sub-declaration and the bad classification.
Retail and hospitality
The report also indicates that there was a significant diversification of attack areas in 2025, compared to the previous year, as less than half (46.75%) of third -party violations involved technological products and services (compared to 75% the previous year).
By examining the specific industries, SecurityScorecardo revealed that retail and hospitality have undergone the highest third -party violation rate (52.4%), followed by technology industry (47.3%) and the energy and public services industry (46.7%).
Even if he had an average rate of the average of 32.2%, the health care industry underwent the most third -party violations in absolute numbers (78).
Geographically, Singapore succeeded in the worst (71.4%), followed by the Netherlands (70.4%) and Japan (60%).
SecurityScorecard also warned against the dangers of ransomware thanks to third -party risks. More than two out of five (41.4%) of all ransomware attacks now start with third parties, the infamous group CL0P leading the charge.
“Threat actors favor third -party access for its scalability. Our research shows that the ransomware groups and the attackers sponsored by the state are increasingly deriving supply chains as entry points. To keep a step ahead of these threats, the security managers must go from the periodic supplier examination for real -time monitoring to contain these risks before stairs throughout their supply chain, “said Ryan Shectobioff, Svpe of Security Safety.
