Third-party breaches increased in 2023, but fewer companies were impacted

Companies responsed faster to cyber attacks

Reading time icon 2 min. read

Readers help support Windows Report. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help Windows Report sustain the editorial team Read more

increased third-party breaches 2023

We have discussed the rise in cyber attacks powered by artificial intelligence and how security analysts have a challenging task ahead of them. If fighting individual threat actors wasn’t enough, companies now have to tackle advanced AI-based threats.

As expected, third-party breaches witnessed an uptick in 2023, according to a report by Black Kite. The number in 2023 stood at 81, while it was 63 in 2022, a 28.5% increase. Surprisingly, the list of affected companies fell to 251, compared to 298 last year.

According to the report, Technical Services were the most affected, followed by Healthcare Services, Software, and IT Management. Ever since COVID-19, more and more companies have gone digital without deploying the necessary security protocols, leading to a rise in third-party breaches.

Black Kite found unauthorized network access to be the primary cause of breaches, responsible for nearly 50% of the cases. This highlights the fact that threat actors are now employing advanced technologies to gain access to systems!

Also, attacks created weak spots in the company’s network, which left them vulnerable to future attacks.

However, a promising trend emerged last year. Companies have swiftly responded to third-party breaches, contained the damage, and quickly reported the incident. The reporting time fell to 76 days in 2023, compared to 108 in 2022.

The report goes on to state that the CLOP group took advantage of every vulnerability across systems and platforms and was the primary source of data leaks.

The report also warns against the increased integration of artificial intelligence and losing focus on cyber security. It states that companies are now spending more money on AI and less on developing an efficient security infrastructure, which makes them an easy target!

On the other hand, artificial intelligence has emerged as a helping hand for security analysts. Microsoft Security Copilot uses AI to break down the scripts in the malware, contains the damage, and helps deploy fixes company-wide in no time.

So, while AI helped threat actors with breaches last year, the next few will witness security analysts deploying it as an effective defence mechanism. Companies like Microsoft will pump more money into the development of such tools because of the growing demand!

You can read the full report on the official website.

What’s your prediction for the next few years? Share with our readers in the comments section.

More about the topics: malware