Download the Report

Report Overview

Ripple Effect Report Thumb

Cyentia Institute and RiskRecon analyzed over 800 multi-party cyber incidents to determine the impact on multiple downstream organizations. This first-of-its-kind report analyzes the ripple effect of multi-party vs. single-party security incidents, the results show that financial losses of multi-party cyber-incidents are 13x greater vs single-party events. 

Key findings: 

  • The average ripple event impacts 10 firms beyond the original victim
  • The largest ripple event touched 131 firms downstream
  • Ripple events are growing more common, increasing on average by 20% annually

Download the report and take a cruise through our interactive graphic to see the interconnected relationships that spider across industries and information transactions. 

This interactive chart based on data from the Ripples Across the Risk Surface report gives you the ability to look at slices of the data analyzed in the report to see the ripple effect that occurs from multi-party security incidents.  At a high level, the chart reveals the highly inter-connected nature of third-party risk among industries. The connecting ribbons trace the "ripple effects" from cybersecurity incidents generated by certain industries to those on the receiving end of downstream loss events from those incidents. 
 
For example, placing your cursor over “Finance Generated" shows that the Finance sector generated 934 loss events that impacted the other sectors highlighted in varying degrees. The thickness of the ribbon reflects the proportion of Finance-generated loss events observed over the last decade for each downstream sector. Highlighting the "Finance Received" section shows the opposite perspective - sectors that most commonly generate events impacting financial firms.
 
We realize the chart is dense and rather difficult to interpret…but that's actually precisely the point. Third-party risk is inherently complex and the effects when things go wrong even more so. We hope this chart, along with the comprehensive analysis found in the full report, offer valuable insights to organizations seeking to better understand and manage those risks.