New analysis shows vendor risk driving financial losses, making up nearly a quarter of material claims in 2024, according to cyber risk company Resilience.

Third-party risk emerged as a dominant driver of cyber insurance claims and material losses in 2024, highlighting the need for companies to widen their focus beyond their own security risks to include those of their partners.

A single point of failure in one company is all that is needed to create a cascading effect of disruption and chaos downstream, as evidenced by recent incidents like the PowerSchool, CDK, and Change Healthcare breaches.

New cyber insurance claims data from Resilience’s portfolio illustrates the financial fallout of this domino effect, finding that third-party risk, including ransomware and outages affecting vendors, accounted for 31 percent of all claims in 2024.

Third-party risk led to claims with incurred losses for the first time ever, making up nearly a quarter (23 percent) of incurred claims in 2024 (compared to 0 percent in 2023).

“Third-party risk isn’t only making headlines—it’s driving unprecedented losses. While this risk is often invisible until it’s too late, it’s now clear that the industry has reached a tipping point,” said Vishaal “V8” Hariprasad, co-founder and CEO of Resilience. “Businesses can no longer afford to consider their partners’ vulnerabilities as siloed from their own. By understanding this new reality of shared risk, enterprises can make smarter business decisions and meaningfully mitigate material loss.”

Ransomware held its position as a top cause of loss in 2024, with transfer fraud coming in a close second.

Nearly half (43 percent) of reported incurred claims involved first-party ransomware incidents, and 18 percent of incurred claims involved ransomware attacks targeting vendors, meaning 61 percent of all claims with losses were related to ransomware.

Transfer fraud became more common, rising from 14 percent of incurred claims by frequency in 2023 to 18 percent in 2024.

Transportation, manufacturing and healthcare led in incurred claim frequency, potentially due to their reliance on often outdated operational technology and high downtime costs.

Healthcare and finance led in claim reporting frequency, potentially due to their stricter regulatory environments and requirements to report incidents, even if they are not material, the cybersecurity firm said.

Once a primary point of failure, phishing proved less effective in causing financial loss, data showed.

In 2024, phishing led to just 9 percent of incurred claims, a significant drop from 2023, a year in which it led to 20 percent of incurred claims.

“As a company that provides both cyber risk quantification software and cyber insurance, we have unique insight into how companies are mitigating financial fallout from today’s cybersecurity challenges,” said Jeremy Gittler, global head of claims at Resilience. “Even in the face of an evolving threat landscape over the past year, enterprises are continuing to make major improvements in how they manage cyber risk and prevent material loss.”

The new findings follow Resilience’s August 2024 Midyear Cyber Risk Report and leverage data from the company’s Threat Intelligence team and insurance claims portfolio to provide a comprehensive, up-to-date look at trends in cyber risk and how enterprises have responded throughout 2024.