Acrisure warns third-party cyberattacks pose severe operational risk

Acrisure has issued a sharp warning on the rising threat of third-party cyberattacks, arguing that vendor vulnerabilities now represent one of the most serious risks to operational resilience.

The warning comes from James Morgan, Senior Vice President at Acrisure London Wholesale, in a new report analyzing the recent ransomware strike on Collins Aerospace, an RTX Corporation subsidiary.

The attack, launched on September 19, scrambled Collins’ MUSE airport platform, a system critical to passenger check-in, baggage handling, and boarding at dozens of international hubs (see Evolution of Ransomware: Impact on Cyber Insurance Claims & Underwriting).

The fallout was immediate and severe. Airports including London Heathrow, Brussels, Berlin Brandenburg, and Dublin all saw disruption. The European Union Agency for Cybersecurity (ENISA) confirmed ransomware was the weapon of choice.

Morgan said the Collins incident was far from isolated. He pointed to the July 2024 CrowdStrike outage, which rippled through governments and corporations worldwide, and the 2021 Kaseya ransomware attack, which hit thousands of downstream clients via managed service providers.

Together, he said, these cases underline a pattern: cyberattacks targeting key vendors trigger cascading failures far beyond the initial breach.

The Collins Aerospace cyberattack is not a one-off. We’ve seen similar recent events involving other critical vendors, including the July 2024 CrowdStrike outage, which crippled IT systems across major corporations and governments globally, and the Kaseya ransomware attack in 2021, which affected thousands of downstream clients via managed service providers.

James Morgan, Senior Vice President at Acrisure London Wholesale

“Even if your systems are secure, you remain exposed through suppliers,” Morgan explained.

In a hyper-connected economy, organizations depend on complex chains of digital service providers—cloud platforms, logistics firms, payment processors, and more.

Each vendor relationship, he argued, carries the potential to become a vulnerability.

Between 2017 and 2022, the cyber market expanded at an impressive 32% annual rate. Global premiums doubled from 2017 to 2020 and then doubled again from 2020 to 2022, with projections initially anticipating this robust growth to continue.

Despite this, forecasts still suggest 20% annual growth, often presented as a near certainty. While this sounds promising, the question remains: is it realistic? Swiss Re’s data sheds light on the shifting market forces, according to Global Cyber Insurance Outlook.

Insurers now use advanced technological tools to assess risks and offer cybersecurity services, providing a comprehensive approach to cyber risk management.

Morgan stressed that businesses must move past reliance on technical defences alone. Strengthening risk transfer strategies, including insurance that specifically addresses third-party outages, is becoming critical.

The Collins Aerospace incident shows cyber risk isn’t just about stolen data. It’s an operational, financial, and reputational threat.

“When a critical vendor fails, the ripple effects are immediate and brutal. From aviation to healthcare, utilities to finance, every industry is tethered to digital providers. Their disruption is your disruption.”

Acrisure’s report positions vendor-driven cyber risk as a systemic hazard. The company argues the stakes now include not only compliance and privacy but also an organization’s ability to continue operations, serve customers, and recover quickly when external systems collapse.

Business leaders are aware of AI-driven cyber risks and their implications. But understanding changing risk profiles to make better decisions around the management of new exposures is the key to cyber resilience, according to an Aon report.

The global threat landscape has shifted rapidly, with AI-powered cyber threats—phishing, malware, and social engineering—becoming more advanced and frequent.

Yet, only 30% of surveyed organizations hold cyber insurance, leaving many exposed to avoidable financial losses.

Systemic cyber security events highlighted the compounded risk stemming from increasing technology interdependencies and how quickly a cyber event can affect organizations.

A faulty CrowdStrike Cloud software update crashed more than 8.5 million systems, disrupting global operations for days and affecting commercial flights, hospitals, and financial services. These major incidents drove an increase in cyber insurance claims throughout the year.

Aon’s U.S. Cyber Solutions broking data recorded 1,228 reported incidents among broking clients in 2024, a 22% rise from the previous year, with cyber incidents and litigation accounting for most claims, increasing by 31%.

Despite the disruption caused by systemic cyber events and the rising number of claims, the financial impact on the insurance industry remained limited because of purchasing trends, changes in program structures, and business continuity planning by insured organizations.

Nevertheless, the industry remains vigilant. The past year’s events were close calls that could have been catastrophic and underscored the risks insurers and organizations must address.