Our goal at Black Kite is to make sure you gain awareness of what is most relevant in the threat landscape going into the new year. The focus remains on understanding emerging vulnerabilities seized by cybercriminals, as well as target industries falling victim to breaches, stemming from a lack of due diligence. We studied why certain industry sectors faced higher susceptibility to an attack, as well as the most vulnerable vendors to the initial breach themselves.

For this report, Black Kite Research decided to approach the cost of a data breach from a new angle, to build upon survey-based data in a comprehensive way. The first half of this report provides insight into the 2,400 analyzed data breaches. The second half, the cyber risk posture deep dive, covers a thorough analysis of the 1,700 organizations that are still online and in business today.

The report sheds light on the sectors most at risk, with technical services vendors leading the breach statistics for the fourth consecutive year. Despite this, a silver lining emerges as a significant portion of these vendors demonstrated improvements in their cyber ratings postbreach. The healthcare sector continues to bear the brunt of these incidents, reinforcing the need for heightened security measures within this critical industry.

This report, the result of a collective effort of Black Kite Researchers, focuses on what has changed in 2022, for better or for worse, compared to 2021. It highlights some of the lessons of past years and those still being learned within the changing cyber landscape. For this study, Black Kite Research analyzed 63 individual third party incidents, which ultimately resulted in more than 298 publicly-disclosed headline breaches and data leaks during the past year. These events inevitably caused thousands of other ripple-effect breaches throughout 2022. The report finalizes the lessons learned and relevant recommendations for the future.