From the data presented in our latest research report, one thing should be crystal clear - no organization is safe from a multi-party ripple event. As firms of all shapes and sizes continue to allow companies to access their data, client information, employee details, etc., they also open up more paths for security incidents that can harm their business. The reality is while you can’t protect yourself from every third-party threat, you can take control over the risks that will impact your business the most.
One thing we’ve drawn greater clarity on in the past year is the rising number of outlier ripple events that are causing a much greater surge in downstream loss events than the typical ripple. These events impact so many third- and Nth party relationships that they are more like tsunami events than mere ripples. They impact 50 or more companies from a single triggering incident, and one of them uncovered in this year’s research—the Blackbaud incident referenced in our examples— actually impacted 11x more organizations than that, 550 to be precise.
Rise of Tsunami Events by Companies Involved
It’s only logical to see that the number of records exposed or breached from these tsunami events is also many times more than the typical ripple event. The smallest tsunami event in our data set impacted 200M records, and the largest topped out at 1B records exposed.
Rise of Tsunami Events by Records Affected
Due to the outsized impacts of tsunami events, we plan on examining these with further scrutiny in a future report later this year. Expect more data and analysis on this soon.