New Study: Nearly Half of Organizations Suffered a Third-Party Cyberattack or Data Breach in 2024

New Study: Nearly Half of Organizations Suffered a Third-Party Cyberattack or Data Breach in 2024

A joint study by the Ponemon Institute and Imprivata found that nearly half (47%) of global organizations experienced a data breach or cyberattack over the past 12 months that involved a third-party partner accessing their network.

Notably, 64% of respondents said these types of third-party data breaches will either increase or remain at alarmingly high levels over the next 12-24 months.

The report, "The State of Third-Party Access in Cybersecurity," surveyed nearly 2,000 IT security practitioners worldwide and found ever-increasing third-party access risk. Nearly half (48%) of organizations agree that third-party remote access is becoming the most common attack surface.

"Third-party access is necessary to conduct global business, but it is also one of the biggest security threats and organizations can no longer remain complacent," said Joel Burleson-Davis, Senior Vice President of Worldwide Engineering, Cyber, at Imprivata. "While some progress has been made, organizations are still struggling to effectively implement the proper tools, resources, and elements of a strong third-party risk management strategy."

The report details organizations that experienced:

• Loss or theft of sensitive and confidential information (53%)
• Regulatory fines (50%)
• Severed relationships with the affected third-party or vendor (49%)
• Damage from too much third-party privileged access (34%)

More than one-third (35%) of respondents said they were unsure how the cyberattacks they suffered were perpetrated, a stark increase from just 2% in 2022.

To download the full report from Imprivata, click here. To see how Old National can work to protect your business, data, and financial assets, including recommended best practices and a security checklist, click here.

Subscribe for Insights