Impact on Industries and Ecosystems
The interconnected nature of today’s industries means that cyber incidents rarely affect just one organization. Instead, these events ripple through entire ecosystems, causing widespread disruptions that impact multiple sectors. The breaches and ransomware attacks of 2024 highlighted systemic vulnerabilities, demonstrating how third-party and fourth-party dependencies amplify risks across industries.
From healthcare to retail, logistics, finance, insurance, and manufacturing, the incidents discussed in this report disrupted critical operations, delayed services, and eroded stakeholder trust. These cascading effects underscore the importance of understanding not only direct risks but also the broader ecosystem dependencies that exacerbate the impact of cyber events.
This section explores how the most affected industries responded to the challenges posed by these incidents, the unique risks they face, and the strategies they must adopt to build resilience in an increasingly interconnected digital landscape.
Industry-Specific Impacts
Note: The percentages mentioned are based on the number of publicly disclosed data breaches; operational disruptions without data breaches are not included in these statistics.
Top 3 Industries Impacted by a Data Breach Caused by a Third Party
Industry Breakdown of Supply Chains with Improved Vendor Cyber Ratings Post-Breach
Among vendors that experienced a breach and subsequently improved their cyber rating by at least 3 points, 72.4% serve the Healthcare Services industry, 14.4% cater to Financial Services, and another 14.4% support other sectors. This distribution suggests a potential correlation between industry-specific demands and the prioritization of cybersecurity improvement initiatives.
Healthcare
The healthcare sector was the most affected by third-party breaches in 2024, accounting for 41.2% of all incidents. This dominance is attributed to the high value of patient data, operational dependencies on third-party providers, and the sector's inherent vulnerabilities.
Key incidents, such as those involving HealthEC and Cencora, disrupted operations across hospitals, insurance companies, and laboratories. For instance:
- The HealthEC breach alone affected 17 healthcare organizations, highlighting the cascading risks from a single third-party vulnerability.
- Operational outages in 142 U.S. hospitals and 40 nursing facilities in Texas and Kansas showcased the sector's reliance on interconnected vendor ecosystems.
Despite these challenges, healthcare showed the highest improvement in cyber ratings among industries, with 72.4% of all vendors that improved their scores by over three points serving this industry. This progress reflects the impact of regulations like HIPAA, which continue to drive advancements in cybersecurity posture.
Retail and Logistics
Supply chain disruptions dominated the retail and logistics sectors in 2024, with incidents such as the Blue Yonder ransomware attack and Cleo exploitation causing widespread delays and operational inefficiencies. Key impacts included:
- Shipment tracking failures and inventory shortages across major retailers, including Walmart and Kroger.
- Retailers reported significant financial losses due to missed holiday sales, with cascading effects on customer trust and brand reputation.
These incidents underscored the systemic vulnerabilities in supply chain software and integration tools, emphasizing the need for robust third-party risk management.
Manufacturing
Manufacturing accounted for 14% of third-party data breaches in 2024, with ransomware attacks posing the greatest threat. The CDK Global ransomware incident exemplified the sector's vulnerability, disrupting operations at over 3,000 car dealerships.
Other significant incidents included:
- Schneider Electric Cyberattack: In November 2024, Schneider Electric faced a cyberattack that exposed 40GB of sensitive data related to internal projects, highlighting the risks to manufacturing infrastructure.
- Microchip Technology Incident: In August 2024, Microchip Technology reported disruptions at multiple manufacturing facilities due to unauthorized access to servers, delaying order fulfillment and impacting operations.
Manufacturers reliant on just-in-time inventory systems experienced significant financial and reputational damage. Ransomware operators exploited this dependency, knowing that even brief disruptions could halt production lines and delay deliveries. Despite these challenges, manufacturing vendors showed minimal improvement in cyber ratings, highlighting a need for stronger industry-wide initiatives.
Finance & Insurance
The finance and insurance sector was significantly impacted by third-party data breaches in 2024, accounting for 14.9% of such incidents. This highlights the sector's vulnerability due to its extensive reliance on third-party services and the high value of financial data.
Key incidents include:
- The breach at Financial Business and Consumer Solutions (FBCS), which affected organizations like Comcast and Truist Bank, exposed sensitive data, including names, addresses, Social Security numbers, and account details.
- A breach involving a third-party tech provider disrupted operations at the National Payments Corporation of India (NPCI), highlighting the global reach of such vulnerabilities.
These breaches led to substantial operational challenges, including extensive system audits, enhanced security measures, and potential service interruptions during remediation efforts. Financial losses from these incidents were significant, with the sector facing potential regulatory fines and legal expenses. Reputational damage also loomed large, eroding customer trust and impacting client retention.
Despite these challenges, the finance and insurance sector demonstrated a proactive approach to cybersecurity, as one of only three industries with vendors that showed cybersecurity improvements after a breach. Approximately 14% of vendors that improved their cyber ratings by over three points serve this industry, reflecting ongoing investments in security infrastructure and compliance with stringent regulatory standards. These efforts highlight the sector's commitment to safeguarding sensitive financial data and maintaining stakeholder trust.
Cross-Industry Ecosystem Risks
The cyber incidents of 2024 underscored the interconnectedness of industries and the systemic risks posed by widely adopted tools and platforms. Vulnerabilities in third-party software, such as Cleo and Snowflake, revealed how a single weakness can ripple across multiple sectors.
Cleo Exploitation:
The exploitation of Cleo’s Managed File Transfer tools impacted industries like logistics, manufacturing, and retail. The cascading effects disrupted supply chains, delayed production, and caused inventory shortages.
Snowflake Breach:
The breach of Snowflake's accounts highlighted the vulnerabilities in cloud-based systems, affecting sectors from telecommunications to finance and retail. Data exposure in one industry often had indirect repercussions across others.
These examples demonstrate that no industry operates in isolation. The interconnected nature of modern ecosystems amplifies the impact of breaches, transforming what might seem like isolated incidents into industry-wide disruptions.
Vendor Statistics: Trusted Partners, Hidden Risks
A Widening Attack Surface
Top 3 Vendor Industries That Caused Data Breaches in 2024
In 2024, Software Services vendors accounted for 26.4% of all breaches, a significant increase from the previous year. This growth highlighted the increasing reliance on software platforms and tools where a single vulnerability can spread to countless organizations, exponentially increasing risk.
Technical Services stood out at 11.5%, though their share fell compared to previous years. This shift indicates attackers’ growing preference for targeting software supply chains as organizations further digitize their operations.
Healthcare vendors (9.2%) continued to exhibit persistent vulnerabilities, signaling the need for stronger vendor management strategies across these industries.
Aftermath and Lessons Learned
Vendors that Improved Their Cyber Ratings by 3 Points
Cybersecurity improvements among vendors remained rare, with only 11% (10 out of 92) of breached vendors successfully improving their Cyber Ratings by 3 points or more. Of these vendors, 20% were from Software Services, 20% from Healthcare Services, 20% from Finance, and 40% from other industries.
Percent of Vendors That Improved Their Cyber Hygiene After a Data Breach
The aftermath of cyber incidents provides a unique lens into how vendors respond to and learn from breaches. This year’s analysis shows that vendors in the healthcare industry improved their cybersecurity posture the most, with 62.5% of those vendors achieving better grades post-incident. This can be partially attributed to the regulatory requirements of frameworks like HIPAA, to which they must adhere. In contrast, only 21.7% of software services vendors, which face relatively less regulatory pressure, showed measurable improvement.
From a Third-Party Risk Management (TPRM) perspective, this highlights the importance of considering the industries your vendors operate in. By analyzing your vendors’ industries, you can better assess how likely they are to improve their cybersecurity posture after a breach—helping you identify which vendor sectors may require closer, ongoing attention.