Cybersecurity ‘ripple events’ lead to 26x greater losses

A new report by the Cyentia Institute, sponsored by risk management company RiskRecon, has analyzed over 800 cyber incidents and their impact on multiple downstream organizations.

It finds that multi-party loss events that impact thousands of downstream organizations, otherwise known as ‘ripple events’, can result in 26x larger financial losses than traditional single-party incidents.

A median ripple breach event causes 10x the financial damage of a traditional single-party breach, with the worst of the multi-party breach events causing 26x the damage. There’s a long tail too: it takes 379 days for a typical ripple event to impact 75 percent of its downstream victims.

The research’s largest ripple in terms of organizational impact involved the cloud computing provider Blackbaud and affected 550 firms.

The complex nature of modern business means that the B2B relationship is not necessarily directly between the initial victim and those caught up in a ripple’s downstream loss events. This means the relationship between parties involved in ripple events can be difficult to track.

Indeed, the report finds that there’s at least a two-year delay for ripple events to unfold, and it may be as long as five years before they become apparent.

The report’s authors conclude, “One thing we’ve drawn greater clarity on in the past year is the rising number of outlier ripple events that are causing a much greater surge in downstream loss events than the typical ripple. These events impact so many third- and N-th party relationships that they are more like tsunami events than mere ripples. They impact 50 or more companies from a single triggering incident, and one of them uncovered in this year’s research — the Blackbaud incident referenced in our examples — actually impacted 11x more organizations than that, 550 to be precise.”

The full report is available from the RiskRecon site.
