We studied the 50 largest multi-party incidents over the past several years to understand their causes and consequences from beginning to end. This report identified cyber events involving multiple organizations and sought to understand who was behind them, what happened, how the after-effects propagated through the supply chain, and the financial losses for all parties involved.
The report delves into the realm of cyber risk management, emphasizing the importance of data-driven decision-making in the face of cyber threats. It highlights the inadequacies of traditional risk assessment methods which often rely on subjective judgments and qualitative ratings, proposing instead a more empirical approach based on extensive data analysis. The Cyentia Institute, in collaboration with Advisen, utilizes a comprehensive dataset covering 56,000 cyber events across 35,000 organizations over the past decade to derive insights into the frequency and financial impact of cyber incidents. This analysis not only provides a clearer picture of the cyber risk landscape but also challenges conventional wisdom, such as the flat cost-per-record method for estimating breach losses, which the report argues is significantly flawed.The findings reveal that larger organizations, particularly those within the Fortune 1000, are more likely to experience cyber incidents, with a 25% annual likelihood of a breach. However, the impact of these breaches varies significantly across industries and organization sizes, with sectors like information services and financial firms facing higher rates of incidents and losses. The report also introduces probabilistic models for estimating potential losses based on the number of records breached, offering a more nuanced approach that accounts for the variability and unpredictability of cyber events. By providing a detailed analysis of breach probabilities and loss estimations, the report aims to equip cyber risk managers with the tools to better assess and mitigate risks, moving towards a more informed and quantitative approach to cyber security.
Key Findings
- Ransomware accounted for 44% of financial losses in multi-party cyber incidents.
- The median cost of extreme multi-party cyber incidents is $90 million, significantly higher than typical incidents.
- Supply chain compromises led to the largest financial losses and number of secondary victim firms.
- State-affiliated actors were responsible for a significant portion of financial losses, over $10 billion.
- System intrusions were the most common type of incident, affecting the largest number of downstream organizations.