- The risks of cybersecurity of third parties are a growing threat, according to the report
- More than a third of all infractions in 2024 were related to third parties
- Retail trade and hospitality were more impacted
Third -party security problems are probably the greatest threat facing its business, has affirmed new research.
The new third -party non -compliance report of Securityscorecard analyzed 1,000 infractions in different industries and regions, and concluded that more than a third (35.5%) of all infractions in 2024 were related to third parties.
To make things worse, this figure is “probably conservative,” said the company, due to the sub -registration and the erroneous classification.
Retail and hospitality
The report also establishes that there has been a significant diversification of the attack surfaces in 2025, compared to the previous year, since less than half (46.75%) of third -party infractions involved technological products and services (compared to 75% of the previous year).
When observing specific industries, Securityscorecard discovered that retail trade and hospitality have suffered the highest third -party breach rate (52.4%), followed by the technology industry (47.3%) and the energy industry and public services (46.7%).
Although it had a rate of 32.2%below the average, the health industry suffered the most third -party infractions in absolute numbers (78).
Geographically, Singapore was worse (71.4%), followed by the Netherlands (70.4%) and Japan (60%).
Securityscorecard also warned about the dangers of ransomware through the risk of third parties. More than two out of five (41.4%) of all ransomware attacks now begin through third parties, with the infamous CL0P group leading the load.
“The threat actors are prioritizing the access of third parties for their scalability. Our research shows ransomware groups and attackers sponsored by the State increasing that they will be climbed throughout its supply chain of the supply chain.
