In recent years the incidents of cybercrime have increased exponentially and in the manufacturing industry cyber-espionage now counts as one of the biggest risks to organisations. According to IBM's 2016 Cyber Security Intelligence Index Manufacturing is one of the most frequently hacked industries, far more than other sectors such as education, healthcare and even finance.
Why are manufacturers targeted?
A common misconception is that the more consumer data you hold the more vulnerable you are to cyber-attacks. If manufacturers have a viewpoint such as this it creates vulnerability, as the company will be less inclined to worry about data security. But intellectual property, trade secrets, business processes, financial details and future plans can all be potential objectives for cybercriminals.
Also, manufacturers are often part of a complex and large supply chain, which cybercriminals can use to their advantage as there have been cases where cyber-attackers gained unauthorised access to one company system to gather information or attack another company.
According to a recent Verizon 2017 Data Breach Report, most data breaches occur because of data phishing attacks aimed at employee email accounts. Often cloaked in an email sent to numerous employees, such emails containing links or attachments once opened will install malware that allows the cyber-criminal access to internal systems, giving the attacker all the information they want. In fact, phishing attacks are so commonly used that they accounted for 73% of all data breaches in the sector in 2016. Part of the solution could be employee training, ensuring everyone knows how to spot a scam or fake email is a vital step on the road to decreasing data security risks.
The potential costs of cyber espionage
Potential costs of fallen victim to cybercrime can be varied from research and development data being stolen to brand reputation damage.
Imagine if your intellectual property was stolen or your next idea was taken and given to competitor? Manufacturers could lose out by being undercut in both costing and time to market. But it's not just lost revenue that is at stake. Cyber espionage also provides a greater threat to the economic security of brands both large and small – and that's not all.
In the era of the 'Internet of Things' (IoT), such hacking and data breaches aimed at manufacturers may well make it into the homes and put consumers at risk as well. Fridges, heating systems, light bulbs and even ovens can now all be connected to the internet. The data supplied by users in the daily running of lives and households is stored by manufacturers often innocuously, as often as part of the product improvement process. All this data is valuable and can be a sitting target.
Manufacturing businesses need to be more vigilant before instances of cyber espionage can decline in the sector. Cyber-attack is a serious issue, a breach can destroy a company.
Minimising data security risks
As mentioned earlier, training employees about the dangers of cyber-attacks and how to spot a potential threat is just one of the ways, other things include: -
- Assess the IT infrastructure for vulnerabilities as something as small as using unsupported or unpatched software can be a risk.
- Look at user roles and permissions on your core business systems. Restrict or allow access based on what is required for the user to carry out their job. With restrictions in place if the unthinkable happened it may help with the prevention of the cyber-attack spreading.
- Set a company password policy, such as enforcing user password rules where a combination of numbers, symbols and letters are required or changing passwords every few months. Simple things can make a difference.
- Regularly evaluate existing preventive measures and continuously improve.
There is no ultimate solution when it comes to cyber-security as technology is always changing - but manufacturers must do as much as they can to protect the business.