While Slack’s downtime was inconvenient, other recent outages have had more severe consequences. In early 2024, Change Healthcare, a payment processing provider under UnitedHealth Group, suffered a ransomware attack that disrupted medical billing nationwide. Healthcare providers struggled to process insurance claims, delaying patient care and, in some cases, resorting to handwritten billing records. A few months later, CDK Global, a software provider used by car dealerships, was hacked, causing widespread operational shutdowns across the auto sales industry.
In July, a major issue with cybersecurity firm CrowdStrike led to massive flight cancellations, grounding thousands of travelers worldwide.
These incidents demonstrate how companies, even with strong internal security measures, remain vulnerable to the weaknesses of their vendors. Cyber insurance and risk management company Resilience reported that in 2024, nearly one-third of the claims it processed were related to vendor-based cyber incidents, including outages and ransomware attacks.
The company’s CEO, Vishaal “V8” Hariprasad, noted that many organizations overlook the risks posed by third-party providers, despite the potential for significant financial losses.
While businesses cannot completely eliminate third-party risks, they can take steps to reduce their exposure. Conducting thorough security assessments before partnering with vendors is crucial. Many organizations assume that if a company offers a widely used service, it must be secure, but that is not always the case.
Companies should verify whether vendors carry cyber insurance covering third-party risks and review their security protocols, especially for remote access. Cybersecurity rating services such as Security Scorecard and BitSight can help businesses monitor vendor vulnerabilities in real time, allowing them to respond quickly to potential threats.
Developing a robust incident response plan can help minimize the impact of vendor failures. Businesses should conduct risk assessments to identify critical systems and outline alternative solutions in case of outages.
For example, if a primary communication platform becomes unavailable, having a backup system in place can prevent workflow disruptions. Regular cybersecurity drills can also help companies prepare for worst-case scenarios, ensuring that employees know how to respond to a vendor-related cyber incident.
Strengthening internal security measures is another essential step. Multi-factor authentication, zero-trust architecture, and network monitoring can help prevent attackers from exploiting vendor weaknesses to gain access to a company’s systems.
Subscribing to dark web monitoring services can also help detect stolen credentials, allowing businesses to take preventive action before cybercriminals can exploit compromised accounts.
A single cyber incident does not necessarily indicate that a vendor is unreliable, but how they respond to the crisis matters. CrowdStrike’s software update issue in July led to thousands of flight cancellations, but some cybersecurity experts argue that the company’s overall security offerings remain strong. Knee-jerk reactions, such as immediately abandoning a vendor after an incident, can sometimes do more harm than good.
While vendor-related cyber risks are an unavoidable part of doing business in a digital world, preparation and proactive security measures can make the difference between a minor disruption and a full-blown crisis. Companies that invest in due diligence, response planning, and internal security improvements are better positioned to withstand third-party failures and recover quickly when issues arise.
