Manufacturers Are Today's Top Target For Cyber Crime 

Uploaded on 2023-06-20 in FREE TO VIEW, BUSINESS-Production-Manufacturing

Historically, the financial services sector has been the most attacked by cybercriminals. Still, in 2021 there was a substantial shift, and a different industry ranked at the top for the first time - the manufacturing industry.

For the second year in a row, manufacturing was the top-attacked industry according to IBM's X-Force Threat Intelligence Index.  

Recent reports cite over half of all manufacturers in Britain succumbing to cybercrime in the last two years. While 39% of UK businesses reported suffering a cyber-attack in 2022, with data breaches costing companies an average of $4.35 million. So, it's a case of not if, but when will you be attacked – and how prepared is your business to foil an attack or recover from a breach?  
 
Currently, the risks are evolving just as rapidly and cleverly as the remediations and technical controls that counteract the advances of criminal opportunists. Technological acceleration is shaping manufacturing into a new normal of automation and digitalisation, a change known as the Fourth Industrial Revolution (4IR). Industries with Operational Technologies (OT) networks - including mining, utilities, and oil and gas, with their huge networks of connected devices create a rich target for aggressive ransomware attacks.  
 
The manufacturing sector is being hit hard as it dislikes downtime, making it more likely to pay a ransom. Its lengthy supply chains provide more vulnerabilities than other sectors. The pandemic has exasperated these issues. The financial upset from unplanned downtime has been summarised in a substantial cost-per-minute figure of $22,000 (£18,871.27). 
 
To add to these challenges, security has become more complex as different technologies can be stacked for greater risk resilience.

Disparate toolkits have been created as a result and resources stretched to breaking point to oversee complex IT environments and the workloads running behind the scenes. We're seeing a groundswell of security products – with over 1,800 active firms in the UK's cyber security products and services space alone. The picture is often confusing for IT decision-makers regarding which products to buy.  
 
So how can manufacturers make sense of what's on offer?  
 
Manufacturing A Better Security Posture 
 
Threat actors will evolve and innovate as businesses ramp up transformation, transitioning into hybrid cloud environments. The basic building blocks start with password hygiene, policy relevance and compliance, and a sizeable security toolkit. But there's always more that manufacturers can be doing to improve their resilience. 

 Security By Default 

Security is no longer optional when everyone's a target. In a product and solution agnostic overview, it would be advisable for businesses and enterprises alike to revisit and revise their perception of risks and security protocols to align with the modern threat landscape. This means understanding concepts like zero trust, the value of automation toolkits, the strengths or weaknesses of third-party services, and how security can be levelled up through consultation, personalisation, and deployment.  
 
'Security by default' may feel new to a market that has historically viewed security, at times, as optional. But in a climate where risk evolution is in a fast sprint and where a business can ignore basic tenets like patching cadence, the urgency of risk needs to be reinstated. 
 
By adopting a security by default perspective, products and services need to consider layers of resilience to different, pressing threat actors and types. A renewed security approach aligned with modern toolkits, services and expertise will be critical in supporting regulated workloads against known and emergent risks. This will include everything from consulting, managed services to Security Operations Centre (SOC), faster threat intelligence and even automated remediation. 
 
Building Layers Of Resilience 

The three key pillars in cyber security include people, processes, and technology. A "security posture" is hardened to even the most aggressively sophisticated attack types and actors between these interlocking constituent parts. Manufacturers can reverse the pattern of malware intrusions when they understand how to build layers of resilience to wrap around their employees, processes, and technologies.  
 
Outsourcing Security & Risk To A Managed Service 

As businesses globalise, modernise and become more interconnected with other brands, customers and international talent, the scope for new risk increases. Offloading risk through cyber insurance and third-party arrangements will allow businesses to sidestep some pressing threats, but not all. As security budgets firm up to brace against risk, companies must train employees effectively in cyber security, build reliable partnerships and develop more secure supply chains. This means having security everywhere. Tools, skills, and expertise allow businesses to create layers of resilience. 
 
As more manufacturers across the UK improve security controls for breaches, two critical security scenarios play out: preparing for and recovering from a breach. 

Preparing For A Breach 

One of the IT department's biggest challenges is the use of disparate toolkits created within manufacturing organisations, which results in stretched resources, particularly within the SOC. This becomes further aggravated without proper management or training on those toolkits.  
 
Faced with increasing threats, today's SOC needs support to investigate and prioritise risks and respond quickly and proportionally. Poorly deployed and unmanaged security products can worsen security postures, reducing a security professional's flexibility to the most significant threats they battle daily. And, cyber insurance policies will be voided by improper tool use. 
 
The power of a tool is unlocked only when it's properly activated and managed. Preparing for a breach means that manufacturers must review gaps in their toolchains but seek consultation and training to ensure controls are appropriately activated and managed.  
 
The first line of defence for security teams is risk prevention. Prevention entails the technical controls that contain or blunt security threats, halting them before they escalate into a breach. This will include threat detection, analysis, and response measures. Risk prioritisation simplifies prevention by mobilising remediation controls and directing attention to the most relevant, escalating risks in the moment. It involves automation and insights that will pull at levers to control the ebb and flow of threat varieties.  

Managing A Breach 

Automation can remove many traditional security barriers. Most commonly, these barriers involve human manual or repetitive tasks that prevent security teams from being as rapid or responsive as required to handle escalating threats.  
 
Workloads are better protected precisely because security operates in a closed loop, from detection and investigation to interrogation and response of risks. In this approach, threat intelligence proactively informs how rapidly teams can respond to the most immediate threats as they emerge. When a threat is prioritised, escalating into a primary challenge for your security team, it frees resources to do what matters most in these situations: strategise a quick, effective response.  
 
Time is one of the greatest assets in any given security battle. With accelerated threat hunting and real-time intelligence, security teams can prioritise actions to prevent attacks. Time will also work against a manufacturer after a breach has occurred. The longer an infection goes unanswered, the greater the damage over time. After several weeks, a company may never recover. But contained within days, security teams can plan to recover from a breach and limit the damage. 

Conclusion 

Breaches have a personal impact as much as a commercial and reputational one. Key executives and directors are liable; security professionals feel responsible; the wider business is at risk. Yet, manufacturers shouldn't let the stigma of a breach shrink their confidence in managing the modern threat landscape. Breaches will happen, but the damage can be contained with the right technologies, policies, people, and consultation. 
 
With a flood of security products on the market, navigating the right tools to deploy can be challenging. For manufacturers facing tool abundance and indecision, it's wise to consider how to create and build an interconnected web of resilience that works to deter, contain, diminish, and expel threats of all shapes and sizes. 
 
Ask yourself:  

  •  How many tools do I need to become secure?  
  •  How many tools can my team manage?  
  •  How compatible are my tools - do they engage with one another?  
  •  Where are the gaps in my toolchain?  
  •  Are all staff being trained regularly on cyber security issues? 
  •  Does the business foster a culture of zero trust across?  
  •  How much confidence do I have in my security capability?  

Cyber security should be a living, breathing 'ecosystem' or a suite of interlocked, in some cases automated, services and solutions. 
 
 Andy Dunn is CRO at CSI Ltd 

You Might Also Read: 

The Need For OT-centric Cyber Security Strategies:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Shuckworm Intensifies Cyber Attacks On Ukraine
Improving Data Security To Ensure Cybersecurity Compliance »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CyberScout

CyberScout

Cyberscout delivers the latest cybersecurity education, protection and resolutions services. We also provide swift incident response services around the world.

AllegisCyber Capital

AllegisCyber Capital

AllegisCyber is an investment company with a focus on seed and early stage investing in cybersecurity and its applications in emerging technology markets.

ZenMate

ZenMate

ZenMate is a Virtual Private Network services provider offering secure encrypted access to the internet.

Barbara IoT

Barbara IoT

Barbara is an industrial device platform specifically designed for IoT deployments.

Beazley

Beazley

Beazley are a specialist insurer with three decades of experience in providing clients with the highest standards of underwriting and claims service worldwide.

Tehtris

Tehtris

TEHTRIS XDR Platform was developed to control and improve the IT security of private and public companies against advanced cyber threats such as cyber espionage or cyber sabotage activities.

Prove Identity

Prove Identity

Prove (formerly Payfone) is a leader in mobile & digital identity authentication for the connected world.

Cryptyk

Cryptyk

CRYPTYK CLOUD is the first complete enterprise-class cloud security solution that includes cloud storage and broad protection against all external and internal threats.

Lattice Semiconductor

Lattice Semiconductor

Lattice Semiconductor solves customer problems across the network, from the Edge to the Cloud, in the growing communications, computing, industrial, automotive and consumer markets.

AML Global Solutions (AMLGS)

AML Global Solutions (AMLGS)

AMLGS delivers Financial Crime prevention training programmes and consultancy services encompassing Anti-Money Laundering (AML), Counter Terrorism Financing (CTF), Bribery & Corruption and Fraud.

Theta432

Theta432

THETA432 is a cybersecurity firm that provides 24/7/365 managed prevention, detection, response, Hybrid SOC, cyber defense monitoring services with dynamically defined defense (3D™).

Quad9 Foundation

Quad9 Foundation

Quad9 is a free security solution that uses DNS to protect your system against the most common cyber threats. It improves your system's performance, plus, it preserves and protects your privacy.

ASPIA InfoTech

ASPIA InfoTech

ASPIA Infotech is a leading Information and cybersecurity organization focused on innovative approaches to avert targeted attacks.

risk3sixty

risk3sixty

Risk3sixty are information and cyber risk management craftsmen helping build business-first security and compliance programs.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

Lighthouse IT

Lighthouse IT

At Lighthouse IT, we are focused on delivering seamless and reliable services to unlock the value of technology for your business.