In an unprecedented year for cyber insurance, businesses have faced a significant increase in cyber insurance claims and financial losses, primarily driven by third-party risks. The data, compiled by Resilience, a cyber risk solutions provider, underscores the critical role third-party vulnerabilities play in the current cybersecurity landscape. As organizations increasingly rely on interconnected systems and a myriad of software vendors, the robustness of their cyber defenses is being tested like never before. The interconnectedness brings efficiencies but also exposes shared vulnerabilities that, when exploited, can lead to substantial disruptions and financial impacts.
Ransomware attacks and vendor-related outages were significant contributors, comprising 31% of all cyber insurance claims in 2024 and accounting for 23% of incurred financial losses — a stark contrast to zero the previous year. This surge highlights the evolving tactics of cybercriminals, who now exploit vulnerabilities within an organization’s extended network rather than focusing on the organization alone. High-profile breaches at companies like PowerSchool, CDK, and Change Healthcare serve as a testament to this trend, showing how attacks aimed at third parties can cause widespread disruption.
The Rise of Third-Party Risks
The rise of third-party risks reflects the changing dynamics within the cyber threat landscape. Businesses now operate within complex ecosystems of vendors, partners, and cloud services, each representing potential points of failure. As companies expand their digital boundaries, they must also extend their cybersecurity protocols to encompass these external entities. Vishaal “V8” Hariprasad, CEO of Resilience, emphasizes that businesses must acknowledge and mitigate the risks shared with partners to prevent severe financial impacts. By understanding the shared nature of these risks, companies can strategize more effective defenses.
Ransomware remains a prevalent threat, with such attacks accounting for 61% of claims involving losses. Within these, 43% were first-party incidents, but a notable 18% of the claims targeted vendors. This highlights a crucial point: even if a company’s internal defenses are solid, a breach in a vendor’s system can result in considerable fallout. Transfer fraud also saw a rise, increasing to 18% of incurred claims from 14% the previous year. In stark contrast, phishing-related claims have significantly decreased, dropping from 20% in 2023 to just 9% in 2024. This data implies that while some threats are diminishing due to better awareness and improved defenses, others are rising, reflecting the adaptive nature of cybercriminal strategies.
Industry-Specific Vulnerabilities
Certain industries have been more heavily impacted by the rise in cyber insurance claims, largely due to outdated operational technologies and the high cost of downtime. For example, the transportation, manufacturing, and healthcare sectors frequently report higher incidences of cyberattacks. These industries rely heavily on legacy systems that are often not equipped to handle modern cyber threats, making them prime targets for disruption. Downtime for these companies translates directly to significant financial losses, not only from direct attack damage but also from the operational halt and the subsequent remediation efforts required to get back online.
The healthcare and finance sectors show a different aspect of vulnerability: while they may not face catastrophic operational disruptions as frequently, their strict regulatory environments make any incident reportable and costly. These industries are required to maintain stringent data security standards and are obligated to disclose breaches, even if the incidents do not result in significant operational damage. This means that insurance claims can still be prevalent, driven not by the scale of the attack, but by the rigor of compliance requirements and the costs associated with regulatory fines and mandated improvements.
Jeremy Gittler, Global Head of Claims at Resilience, has pointed out that despite these evolving threats, organizations are making commendable progress in managing cyber risks. The emphasis on comprehensive risk management strategies that include not only internal defenses but also robust third-party management is becoming more prevalent. Businesses are increasingly aware that securing their ecosystems means looking beyond their own digital walls and ensuring that partners and vendors adhere to strict cybersecurity standards. By fostering a culture of shared responsibility, companies can better prepare for and mitigate the impacts of potential cyber threats.
Key Takeaways and Future Considerations
In a year marked by unexpected challenges for cyber insurance, businesses faced a notable surge in cyber insurance claims and financial losses, largely due to third-party risks. Data from Resilience, a provider of cyber risk solutions, highlights the importance of third-party vulnerabilities in the current landscape of cybersecurity. As organizations increasingly depend on interconnected systems and various software vendors, their cyber defenses are being stretched to new limits. This interconnectedness brings efficiency but also exposes shared vulnerabilities that, when exploited, can lead to significant disruptions and financial repercussions.
In 2024, ransomware attacks and vendor-related outages were major factors, accounting for 31% of all cyber insurance claims and 23% of financial losses—a drastic rise from none the previous year. This trend underscores the evolving strategies of cybercriminals who now target weaknesses within an organization’s broader network instead of just the organization itself. Notable breaches at companies like PowerSchool, CDK, and Change Healthcare illustrate how attacks aimed at third-party entities can create widespread disruption and financial harm.