40% of organizations reported that customer and/or employee data was compromised, stolen, or held to ransom in the past year.

28% of organizations reported breaches as the most common API security problem.

Indirect losses impact up to 70% of OT-related breaches.

In the year prior to 2024, malware was the cause of 61% of all breaches.

In the year prior to 2024, malware was the cause of 61% of all breaches.

Japan had a third-party breach rate of 60%.

The retail & hospitality industry saw the highest third-party breach rate at 52.4%.

The energy and utilities industry had a third-party breach rate of 46.7%.

The healthcare sector had the most third-party breaches (78) but a below-average rate of 32.2%.

The Netherlands had the second-highest third-party breach rate at 70.4%.

The U.S. reported a lower third-party breach rate of 30.9%, falling 4.6% below the global average.

41.4% of ransomware attacks now start through third parties

The technology industry had the second-highest third-party breach rate at 47.3%.

35.5% of all breaches in 2024 were third-party related. This figure is noted as likely conservative due to underreporting and misclassification.

46.75% of third-party breaches involved technology products and services. This represents a drop from the previous year's 75%, indicating a diversification of attack surfaces.

Singapore had the highest third-party breach rate globally at 71.4%.

Cyberattacks such as data breaches, ransomware, and IT disruptions were identified as the leading cyber risks affecting businesses.