When one organization is breached, others pay the price.
Today’s digital ecosystems thrive on connection — shared data, shared systems, shared trust. But that same interconnectedness has created a new kind of cyber exposure: multi-party ripple events, where one organization’s breach ripples through its partners, suppliers, and customers.
The latest Ripples Across the Risk Surface 2025 report, produced by Cyentia Institute in collaboration with RiskRecon by Mastercard, reveals that the cost of these events is rising sharply — and not just for the organization that was attacked first.
For many firms, someone else’s incident has become their incident.
Ripple events: 10x more costly than single-party breaches
The data leaves little room for interpretation. Across 1,500+ incidents studied, firms involved in multi-party events suffered typical (median) losses of $4.7 million, compared to just $1.8 million for single-party incidents.
At the high end, losses skyrocketed — extreme losses reached $371 million for ripple generators, over six times higher than similar single-party events.
But perhaps the most striking finding is how those costs are now distributed.
Historically, the organization that experienced the initial breach — known as the ripple generator — bore most of the financial burden. Yet over the past several years, downstream losses among impacted partners (ripple receivers) have increased dramatically, to the point where they now rival the costs of the original victim.
That means even if your organization wasn’t directly breached, your balance sheet may still take the hit.
Connectivity amplifies consequences
The same digital ties that fuel business growth — shared platforms, integrated APIs, and global supply chains — have also created fertile ground for ripple events to spread.
A single exploited vulnerability can cascade across hundreds of connected systems within days. And as industries become more digitized, the scale of those ripple effects expands:
-
Finance, Healthcare, and Education sectors face elevated risk due to extensive partner and data-sharing networks.
-
Utilities, Public Sector, and Information firms are more likely to generate ripple effects, triggering downstream losses.
-
Mid-sized firms often act as “amplifiers,” passing the impact from larger players down to smaller vendors and service providers.
The result? A chain reaction of exposure that few organizations see coming — until it’s too late.
PROPORTION OF SINGLE VS. MULTI-PARTY INCIDENTS BY SECTOR
Ripple receivers are catching up to generators
For the first time, the report shows that the per-firm cost of ripple events for receivers has nearly caught up to generators.
This shift reflects how shared infrastructure and third-party dependencies blur the boundaries between “their problem” and “our problem.”
Cloud service interruptions, data leaks via integrated systems, and compromised credentials in third-party platforms are now common sources of indirect financial loss — even for organizations that weren’t targeted directly.
Simply put, every connection is a potential vector for financial impact.
Visibility turns risk into control
You can’t manage what you can’t see.
The path to mitigating ripple exposure starts with visibility — knowing which vendors, partners, and suppliers have access to your systems, and whether they maintain strong cybersecurity hygiene.
That’s where RiskRecon by Mastercard helps. RiskRecon continuously monitors and rates the cybersecurity posture of vendors across your supply chain, providing clear, objective insights into where vulnerabilities exist and how to prioritize remediation. With that visibility, organizations can strengthen the weakest links before they become costly ripple generators.
From risk to resilience
The cost of connectivity doesn’t have to outweigh its benefits. By building transparent, well-monitored vendor ecosystems, organizations can reduce their exposure to ripple effects — transforming interdependence from a source of risk into a source of resilience.
The data is clear: ripple events are no longer rare exceptions, they’re the rule of modern connectivity.
The organizations that invest in visibility and hygiene today will be the ones still standing tomorrow.
Take the next step
Download the report to see the full findings and get all the insights you need to understand why you need to have total visibility into the cyber hygiene of your third-party ecosystem.
