The retail and healthcare industries typically spring to mind when considering cybersecurity threats. In many ways, however, companies in manufacturing and distribution (M&D) face more pressing risks. In fact, M&D is the second most-attacked industry. The scale and complexity of the sector make it a prime target for everything from consumer and employee information to intellectual property and national security secrets.
Threats to M&D are on the rise
According to the Department of Homeland Security, cyberattacks on critical manufacturing companies (metals, machinery, electrical and transportation manufacturers that contribute to critical infrastructure) nearly doubled between 2014 and 2015. During the same period of time, IBM found an increase in manufacturing incidents, with the industry moving from third to second place in terms of incident rates.
Cyber espionage affects M&D more than any other sector. According to Verizon, manufacturing is by far the most sought-after cyber espionage target with 35 percent of all attacks aimed at the sector. The manufacturing industry is more susceptible to phishing than any other industry with a median click rate (meaning those who clicked on a link in or responded to a phishing email) of 13.35 percent. This is a significant concern because phishing often serves as a point of entry to install malware that allows cyber criminals to observe and steal information over time.
At-risk data and systems in M&D
Organizations in other sectors worry most about personal and payments information. While these issues impact companies in M&D, the scope of concern is much broader. Following are the most common targets:
- Trade secrets
- Business information
- Customer information
- Consumer information
- Third-party supplier and vendor information
- Information relevant to national security