30% of risk leaders claimed that third-party and nth-party risks are not having an impact or are only having a minimal impact on their business in 2024.

46% of companies are considering expanding the use of third parties for skill improvement.

42% of companies are considering exploring new uses of third parties for skill improvement.

43.7% of organizations surveyed identified third-party services and integrations as a concern, tying with public cloud as the number one risk within the telecom industry.

18 S&P 500 companies cited third-party and vendor exposure as a cybersecurity risk tied to AI.

Only a third of organisations monitor third-party relationships over time.

The percentage of breaches tied to third parties doubled from the previous year.

On average, a single malware infection could expose access to 10 to 25 third-party business applications.

Many of 2024's most exploited vulnerabilities were found in widely used third-party software rather than internally developed applications

SpyCloud recaptured 3,562 third-party breach records in 2024. These third-party breaches amounted to 7.6+ billion breach records.