Understanding Third-Party Risk: Identifying and Mitigating External Threats

SecurityScorecard's report highlights a surge in third-party and fourth-party breaches, attributing 35.5% of recent data breaches to vendor compromise and noting heavy abuse of file-transfer software, active campaigns by Clop, and contributions from Chinese-linked actors; it also reports 41.4% of ransomware breaches now stem from third parties and provides practical vendor-risk management actions (inventorying vendors, continuous monitoring, contractual protections, rapid remediation) plus signs a vendor may be compromised.