https://urgentcomm.com/wp-content/themes/ucm_child/assets/images/logo/footer-new-logo.png
  • Home
  • News
  • Multimedia
    • Back
    • Multimedia
    • Video
    • Podcasts
    • Galleries
  • Commentary
    • Back
    • Commentary
    • Urgent Matters
    • View From The Top
    • All Things IWCE
    • Legal Matters
  • Resources
    • Back
    • Resources
    • Webinars
    • White Papers
    • Reprints & Reuse
  • IWCE
    • Back
    • IWCE
    • Conference
    • Special Events
    • Exhibitor Listings
    • Premier Partners
    • Floor Plan
    • Exhibiting Information
    • Register for IWCE
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • Mission Critical Technologies
    • Microwave/RF
    • T&D World
    • TU-Auto
  • In the field
    • Back
    • In the field
    • Broadband Push-to-X
    • Internet of Things
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Call Center/Command
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Network Tech
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Operations
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Regulations
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • Organizations
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
Urgent Communications
  • NEWSLETTER
  • Home
  • News
  • Multimedia
    • Back
    • Video
    • Podcasts
    • Omdia Crit Comms Circle Podcast
    • Galleries
    • IWCE’s Video Showcase
  • Commentary
    • Back
    • All Things IWCE
    • Urgent Matters
    • View From The Top
    • Legal Matters
  • Resources
    • Back
    • Webinars
    • White Papers
    • Reprints & Reuse
    • UC eZines
    • Sponsored content
  • IWCE
    • Back
    • Conference
    • Why Attend
    • Exhibitor Listing
    • Floor Plan
    • Exhibiting Information
    • Join the Event Mailing List
  • About Us
    • Back
    • About Us
    • Contact Us
    • Advertise
    • Terms of Service
    • Privacy Statement
    • Cookies Policy
  • Related Sites
    • Back
    • American City & County
    • IWCE
    • Light Reading
    • IOT World Today
    • TU-Auto
  • newsletter
  • In the field
    • Back
    • Internet of Things
    • Broadband Push-to-X
    • Project 25
    • Public-Safety Broadband/FirstNet
    • Virtual/Augmented Reality
    • Land Mobile Radio
    • Long Term Evolution (LTE)
    • Applications
    • Drones/Robots
    • IoT/Smart X
    • Software
    • Subscriber Devices
    • Video
  • Call Center/Command
    • Back
    • Artificial Intelligence
    • NG911
    • Alerting Systems
    • Analytics
    • Dispatch/Call-taking
    • Incident Command/Situational Awareness
    • Tracking, Monitoring & Control
  • Network Tech
    • Back
    • Cybersecurity
    • Interoperability
    • LMR 100
    • LMR 200
    • Backhaul
    • Deployables
    • Power
    • Tower & Site
    • Wireless Networks
    • Coverage/Interference
    • Security
    • System Design
    • System Installation
    • System Operation
    • Test & Measurement
  • Operations
    • Back
    • Critical Infrastructure
    • Enterprise
    • Federal Government/Military
    • Public Safety
    • State & Local Government
    • Training
  • Regulations
    • Back
    • Narrowbanding
    • T-Band
    • Rebanding
    • TV White Spaces
    • None
    • Funding
    • Policy
    • Regional Coordination
    • Standards
  • Organizations
    • Back
    • AASHTO
    • APCO
    • DHS
    • DMR Association
    • ETA
    • EWA
    • FCC
    • IWCE
    • NASEMSO
    • NATE
    • NXDN Forum
    • NENA
    • NIST/PSCR
    • NPSTC
    • NTIA/FirstNet
    • P25 TIG
    • TETRA + CCA
    • UTC
acc.com

Cybersecurity


Partner content

Damages escalate rapidly in multi-party data breaches

Damages escalate rapidly in multi-party data breaches

  • Written by Robert Lemos / Dark Reading
  • 19th October 2021

Companies that do not prepare for attacks coming from their vendors are putting themselves at risk of a multiparty breach— where a single compromise can balloon into intrusions of as many as 800 companies, new analysis by data-science firm Cyentia Institute found.

The report, which focused on the top 50 multiparty breaches, found that the average large breach involved 31 organizations and cost $90 million, compared with $200,000 loss for a typical cybersecurity incident. While system intrusions accounted for the incident category with the largest number of organizations impacted (57%), ransomware and wiper incidents caused the greatest loss, accounting for 44% of all recorded losses, according to Cyentia.

In addition, attacks that involved valid accounts and that were conducted by nation-state actors also caused much higher per-incident damages, the firm stated.

The data analysis suggests that companies should put more effort into ensuring their vendors and contractors are not providing a doorway into their networks, says John Sturgis, data scientist at Cyentia.

“Even if you never thought about being targeted directly by a nation-state actor, thinking about it through a lens of what providers do I have that could be targeted, and how can I manage my exposure even within my third parties is a real valid and tractable problem to try and engage in?” he says.

The analysis, part of Cyentia’s “Information Risk Insights (IRIS)” study, uses data from insurance data provider Advisen, whose Cyber Loss database consists of nearly 100,000 cyber events. Cyentia combined the largest 30 multiparty events as measured by three different criteria: total incurred costs, number of individuals affected, and number of organizations affected. It then selected the top 50 based on the combined totals and the amount of data available.

The lesson from the largest of the multiparty breaches is that companies’ cybersecurity and risk mitigation efforts need to focus on attackers not only targeting businesses but also targeting third parties, which ripples downstream to those vendors’ clients. For that reason, companies need to do more than shallowly vet the security of their vendors, says Wade Baker, co-founder of Cyentia.

To read the complete article, visit Dark Reading.

 

Tags: Applications Companies Critical Infrastructure Cybersecurity Enterprise Federal Government/Military Incident Command/Situational Awareness News Policy Public Safety Security Software State & Local Government Subscriber Devices System Design System Operation Tracking, Monitoring & Control Training Partner content

Most Recent


  • Long-haul autonomous truck revealed
    Is this the future of trucking? California start-up Solo AVT certainly thinks so. The Fremont-based company has revealed the dramatic SD1 for the first time, and it’s certainly caused a stir with its bold looks. The SD1 is a long-haul electric Class 8 truck developed specifically for autonomous driving that can deliver a range in excess of […]
  • 5G proponents fret over Biden's fiber fancy
    The US government on Friday released some guidelines on how US states should dole out $42.5 billion for broadband services in rural areas. “Thanks to President Biden’s Bipartisan Infrastructure Law, Americans across the country will no longer be held back by a lack of high-speed Internet access,” US Commerce Secretary Gina Raimondo declared in a statement. However, those […]
  • Log4Shell exploit threatens enterprise data lakes, AI poisoning
    Enterprise data lakes are filling up as organizations increasingly embrace artificial intelligence (AI) and machine learning — but unfortunately, these are vulnerable to exploitation via the Java Log4Shell vulnerability, researchers have found. Generally, organizations are focused on ingesting as many data points for training an AI or algorithm that they can, with an eye toward […]
  • Damages escalate rapidly in multi-party data breaches
    Newscan: EV-infrastructure cyber vulnerabilities put cars, the grid at risk
    Web Roundup Items from other news organizations EV-infrastructure cyber vulnerabilities put cars, the grid at risk U.S. signs on to new electronic-evidence protocol in international cybercrime agreement FBI told Israel it wanted Pegasus hacking tool for investigations 988 hotline for mental-health emergencies will launch nationwide on July 16. Will states be ready? Justice, EEOC release […]

Leave a comment Cancel reply

To leave a comment login with your Urgent Comms account:

Log in with your Urgent Comms account

Or alternatively provide your name, email address below:

Your email address will not be published. Required fields are marked *

Related Content

  • Russia ramps up biometrics in transportation
  • Damages escalate rapidly in multi-party data breaches
    Newscan: Captured, killed or compromised: CIA admits to losing dozens of informants as comms breached
  • China leading the pack in uncrackable quantum communications
  • Worried over antitrust debate, Apple talks sideloading dangers

Commentary


LTE and liability: Why the fire service must move forward with digital incident command

  • 1
6th May 2022

Partnership and collaboration must be the foundation for emergency communications

18th April 2022

FirstNet success means no hypothetical ‘shots’ need to be fired, Swenson says

22nd February 2022
view all

Events


UC Ezines


IWCE 2019 Wrap Up

13th May 2019
view all

Twitter


UrgentComm

Long-haul autonomous truck revealed dlvr.it/SQSczK

16th May 2022
UrgentComm

5G proponents fret over Biden’s fiber fancy dlvr.it/SQSYCp

16th May 2022
UrgentComm

Log4Shell exploit threatens enterprise data lakes, AI poisoning dlvr.it/SQRMng

16th May 2022
UrgentComm

Newscan: EV-infrastructure cyber vulnerabilities put cars, the grid at risk dlvr.it/SQKjJW

13th May 2022
UrgentComm

Motorola Solutions continues buying spree with Videotec acquisition dlvr.it/SQKHHs

13th May 2022
UrgentComm

Black Hat Asia: Firmware supply-chain woes plague device security dlvr.it/SQJZfs

13th May 2022
UrgentComm

Artemis returns with private pCell strategy dlvr.it/SQJTqp

13th May 2022
UrgentComm

Breaking down the Strengthening American Cybersecurity Act dlvr.it/SQFKXD

12th May 2022

Newsletter

Sign up for UrgentComm’s newsletters to receive regular news and information updates about Communications and Technology.

Expert Commentary

Learn from experts about the latest technology in automation, machine-learning, big data and cybersecurity.

Business Media

Find the latest videos and media from the market leaders.

Media Kit and Advertising

Want to reach our digital and print audiences? Learn more here.

DISCOVER MORE FROM INFORMA TECH

  • American City & County
  • IWCE
  • Light Reading
  • IOT World Today
  • Mission Critical Technologies
  • Microwave/RF
  • T&D World
  • TU-Auto

WORKING WITH US

  • About Us
  • Contact Us
  • Events
  • Careers

FOLLOW Urgent Comms ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2022 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X