Kroll’s new report reveals the latest threats and vulnerabilities currently impacting the manufacturing sector and the gaps in detection and response affecting the mitigation process.
The State of Cyber Defense: Manufacturing Resilience provides new insights and analysis on the specific security challenges in the manufacturing sector. Taking Kroll frontline data from its experience with over 3,000 incidents per year, this research provides an overview of the cybersecurity threat landscape currently faced by the manufacturing industry.
This holistic view of cyber risk for the manufacturing sector was achieved by combining the findings from our global survey of 1,000 security and risk leaders for the State of Cyber Defense: The False-Positive of Trust report with frontline threat intelligence collected from 3,000+ incident response cases, 700,000+ endpoints under monitoring and 100,000+ hours of offensive security engagements.
By combining the Detection and Response Maturity Model research with Kroll data, the new report demonstrates that the manufacturing sector was a notable outlier in the elevated threat it faces. Unfortunately, the manufacturing industry is one of the most industries most targeted by ransomware.
However, the good news is that, according to our research, the industry’s real-world capabilities far exceed those of most other sectors. Manufacturers are outsourcing their IT security needs effectively and are maintaining a manageable ecosystem of IT tools.
Manufacturing sector security priorities
The new report reveals that ransomware is of greatest concern to the industry, followed by data leakage and phishing attacks. For all of these, the manufacturing industry is more concerned than the average. Given the scale of the ransomware threat over the last five years, it is no surprise to see it is the threat of greatest concern to manufacturers. The findings reflect the fact highlighted in our threat landscapes report and elsewhere that manufacturing is known to be one of the biggest targets for ransomware operators.
Most common threats in manufacturing
While the manufacturing industry appears to be most concerned about ransomware, it is not in fact the most common threat type for the industry. According to Kroll’s Cyber Threat Intelligence (CTI) team, the data shows that email compromise is the most common threat type, accounting for nearly half of incidents observed by Kroll in the manufacturing industry. The challenge with business email compromise is that it can target multiple departments, from human resources to finance. This means that gaining control and visibility over vast networks can be challenging, especially when a company needs to rely on its employees as its first line of defence.
Ransomware continues to be a major concern
Despite email compromise being the most common threat type, the manufacturing industry still faces a high volume of ransomware attacks. According to Kroll’s CTI team, the manufacturing industry is one of the industries most targeted by ransomware operators.
Improvements in mitigating data breaches
The report shows manufacturing’s relatively high cyber maturity reflected in its positive data breach figures. Kroll asked all respondents to report how many security incidents that resulted in a compromise of data they had experienced in the last year. Surprisingly, 12% of manufacturing businesses shared that there had not been any security incidents, which is three times the average of 4% reported across all industries.
Overall, it would appear that the manufacturing industry has experienced fewer data breaches that resulted in a compromise of data or financial impact in the last year than the average across all industries.
Attitudes towards security outsourcing
The report highlights that manufacturing organisations are making good use of outsourcing their cybersecurity services. Eighty-eight percent of manufacturers are outsourcing at least some of their IT security services. Manufacturing businesses are around half as likely as other businesses to address all of their IT security needs in-house. Of the minority of manufacturing businesses that currently handle all of their security services in-house, 71% have plans to outsource in the next 12 months.
How Kroll can help
No less than 60% of UK manufacturers have been affected by a security incident, with a third of these having experienced financial loss or operational disruption as a result. Despite this, manufacturing remains one of the industries least prepared for the impact of cyber-attacks. At Kroll, our experience of working with organisations across the manufacturing sector means that we better understand the security challenges your organisation faces and how to address them.
Kroll is the global incident response leader – responding to over 3,000 security events every year. Kroll is well-placed to help you respond effectively to many types of incidents and enhance your organisation’s incident response procedures to help your organisation respond faster and more effectively to security incidents.
Kroll Responder, our managed detection and response (MDR) solution, delivers 24/7 security monitoring, earlier insight into threats, and complete response that goes far beyond simple threat containment to understanding the root-cause, hunting for further evidence of compromise and eradication. Kroll Responder is consistently recognized as industry-leading by security sector analysts.
