NY-SECURITYSCORECARD

1.2.2023 15:01:45 CET | Business Wire | Press release

SecurityScorecard Research Shows 98% of Organizations Globally Have Relationships With At Least One Breached Third-Party

SecurityScorecard, the global leader in cybersecurity ratings, and The Cyentia Institute, an independent cybersecurity research firm, today published research that found 98 percent of organizations have vendor relationships with at least one third-party that has experienced a breach in the last two years. The study, Close Encounters of the Third (and Fourth) Party Kind, also found that 50 percent of organizations have indirect relationships with at least 200 breached fourth-party vendors in the last two years.

“An organizations’ attack surface spans beyond just the technology that they own or control, ” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. “Organizations need visibility into the security ratings of their entire third and fourth party ecosystem so that they can know in an instant whether an organization deserves their trust and can take proactive steps to mitigate risk.”

The study, which analyzed data from over 235,000 (primary) organizations across the globe and more than 73,000 vendors and products used by them directly (third-parties) or used by their vendors (fourth-parties), offers an in-depth examination of how the interdependence of modern digital supply chains impacts organizational cyber risk exposure.

Key Report Findings:

Security Suffers The More Third- and Fourth-Parties You Have
For every third-party vendor in their supply chain, organizations typically have indirect relationships with 60 to 90 times that number of fourth-party relationships. Research showed that compared to the primary organization, third-party vendors are five times more likely to exhibit poor security. Approximately 10% of third-party vendors receive an F rating among organizations that earn an A rating for their own security posture.

Information Services Leads in Third-parties
The research revealed the Information Services sector maintained an average of 25 vendors-- 2.5 times the number of third party-relationships than the overall average of 10. The Finance sector was on the other end of the spectrum averaging 6.5 third-party relationships. The healthcare sector averaged 15.5 vendors per organization and the Insurance sector averaged 11 vendors. “Each of these third-party relations represents exposure to risk,” continued Baker. “In some cases due to compromised third-party code, or in others due to usage of an insecure hosting provider.”

Exposing Data to International Third-parties Increases Regulatory and Security Requirements
While examining the regional dimension of third-party relationships, SecurityScorecard found that 59% of organizations have vendors from five or fewer countries, while roughly 14% work with vendors spanning 10 or more countries.

“SecurityScorecard’s data demonstrates why managing cyber risk across the digital supply chain is absolutely critical as threat actors work to exploit any vulnerabilities an organization may have. Identifying and continuously monitoring all partners and customers within the digital supply chain is key to staying ahead of any potential risk,” said Wade Baker, partner and co-founder at The Cyentia Institute. “By having full visibility into the security posture of their third and fourth parties, organizations can work with their vendors to address any cybersecurity gaps they may have in their infrastructure and, in turn, reduce their own level of cyber risk.”

Additional resources:

Access the full report, “Close Encounters of the Third (and Fourth) Party Kind”
Read our blog to better understand what can organizations do to minimize risk stemming from their business ecosystems
Register for the informational webinar, presented by SecurityScorecard and the Cyentia Institute.
Learn more about how Automatic Vendor Detection enables organizations to identify the products and vendors in their third- and fourth-party ecosystem to identify potential risk, automate their workflows, and drive targeted data-driven decisions.

About SecurityScorecard

Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.

About The Cyentia Institute

The Cyentia Institute is a research and data science firm working to advance cybersecurity knowledge and practice. Cyentia pursues this goal through data-driven studies like this one and through a growing portfolio of analytic services. Learn more at www.cyentia.com.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

View source version on businesswire.com: https://www.businesswire.com/news/home/20230201005038/en/

About Business Wire

Business Wire
101 California Street, 20th Floor
CA 94111 San Francisco

http://businesswire.com

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Fujirebio Receives Marketing Clearance for Lumipulse®G pTau 217/ β-Amyloid 1-42 Plasma Ratio In-vitro Diagnostic Test as an Aid to Identify Patients With Amyloid Pathology Associated With Alzheimer’s Disease17.5.2025 08:58:00 CEST | Press release

—First Blood-Based In-Vitro Diagnostic Test to Receive FDA Clearancefor Patients Being Assessed for Alzheimer’s Disease. ——Availability of Accurate, Accessible, Blood-Based Diagnostic Tests Will Aid in Development and Availability of More Effective Interventions for Alzheimer’s Disease — Fujirebio today announced that the U.S. Food and Drug Administration (FDA) has granted 510(k) clearance for the company’s Lumipulse® G pTau 217/β-Amyloid 1-42 Plasma Ratio in-vitro diagnostic (IVD) test for the assessment of amyloid pathology in patients being evaluated for Alzheimer’s disease and other causes of cognitive decline. The test, which was granted Breakthrough Device Designation by the FDA, is the first FDA cleared blood-based IVD test in the U.S. to aid to identify patients with amyloid pathology associated with Alzheimer’s Disease (AD). Alzheimer’s disease currently affects an estimated 7.2 million Americans, a number projected to rise to nearly 14 million by 2060.1 It is a leading cause

IFF Announces Pricing of Tender Offers For Certain Outstanding Series of Notes16.5.2025 23:17:00 CEST | Press release

IFF (NYSE: IFF) announced today the Total Consideration (as defined below) payable in connection with its previously announced tender offers to purchase for cash: (i) up to $1,100,000,000 aggregate purchase price, excluding accrued and unpaid interest (the “Amended Pool 1 Maximum Amount”), of its 1.230% Senior Notes due 2025 (the “2025 Notes”), 1.832% Senior Notes due 2027 (the “2027 Notes”), 4.450% Senior Notes due 2028 (the “2028 Notes”) and 2.300% Senior Notes due 2030 (the “2030 Notes” and collectively with the 2025 Notes, the 2027 Notes and the 2028 Notes, the “Pool 1 Notes”) and (ii) up to $900,000,000 aggregate purchase price, excluding accrued and unpaid interest (the “Amended Pool 2 Maximum Amount” and, together with the Amended Pool 1 Maximum Amount, the “Amended Maximum Amounts”), of its 3.268% Senior Notes due 2040 (the “2040 Notes”), 4.375% Senior Notes due 2047 (the “2047 Notes”), 5.000% Senior Notes due 2048 (the “2048 Notes”) and 3.468% Senior Notes due 2050 (the “2050

Origins Launches in the U.S. Amazon Premium Beauty Store16.5.2025 15:00:00 CEST | Press release

The brand brings its high-performance, clinically proven, nature-inspired skincare to Amazon shoppers Origins, with over 30 years of expertise in combining naturally-derived and scientifically crafted ingredients for powerful skincare, announced its official debut in the U.S. Amazon Premium Beauty store today. Origins will offer its iconic skincare and body care products along with giftable sets that are perfect for any occasion. Origins will now bring naturally-derived, effective beauty to Amazon customers nationwide with convenience and thoughtful gifting in mind. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20250516435958/en/ This launch marks a strategic step in Origins’ ongoing efforts to meet the evolving needs of skincare shoppers, seeking high-performance, conscious beauty on their favorite platforms. By expanding to the U.S. Amazon Premium Beauty store, Origins reinforces its commitment to delivering both efficacy a

The smarter E Europe 2025: Studies, Technologies and Market Trends for the Energy System of Tomorrow16.5.2025 12:47:00 CEST | Press release

Exactly one week has passed since The smarter E Europe closed its doors in Munich. Once again, Europe’s largest alliance of exhibitions for the energy industry turned the Bavarian capital into the epicenter of the global energy sector and impressed with outstanding results. Over the course of three days, 2,737 exhibitors from 57 countries showcased their technologies, business models and market-ready solutions for an intelligent, interconnected and fully renewable energy system. Around 107,000 professionals from 157 nations took the opportunity to connect, initiate partnerships and launch new projects. The accompanying conferences and side events also attracted strong interest, drawing more than 2,600 participants. The message sent out by The smarter E Europe and its four exhibitions – Intersolar Europe, ees Europe, Power2Drive Europe and EM-Power Europe – was clear: We are the energy system. This press release features multimedia. View the full release here: https://www.businesswire.c

IFF Announces Early Tender Results and Increase of Tender Offers for Certain Outstanding Series of Notes16.5.2025 12:30:00 CEST | Press release

IFF (NYSE: IFF) announced today the early tender results for its tender offers to purchase for cash certain of its outstanding series of Notes. IFF also announced it has increased the previously announced Pool 1 Maximum Amount (as defined below) from $1,000,000,000 to $1,100,000,000 (the “Amended Pool 1 Maximum Amount”), the Pool 2 Maximum Amount (as defined below) from $800,000,000 to $900,000,000 (the “Amended Pool 2 Maximum Amount”, and together with the Amended Pool 1 Maximum Amount, the “Amended Maximum Amounts”), the 2027 Series Tender Cap (as defined below) from $300,000,000 to $400,000,000 and the 2050 Series Tender Cap (as defined below) from $600,000,000 to $649,114,000. The 2025 Notes Series Tender Cap and the 2040 Notes Series Tender Cap (each as defined below) remain unchanged at $500,000,000 and $450,000,000, respectively. Details of tender offers IFF initially offered to purchase for cash: (i) up to $1,000,000,000 aggregate purchase price, excluding accrued and unpaid in

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom