Manufacturers Can’t Afford the Cyber Risks They’re Overlooking

Posted By: Tom Morrison Community,

Within manufacturing, cybersecurity risk exceeds organizational preparedness. While this readiness gap is a notable issue for the industry now, it’s going to become a much bigger problem moving forward—particularly if sector leaders don’t prioritize a more strategic and preemptive approach to securing their operations from external attacks.

 

A Problematic Security Awareness Gap

As a recent study by AVANT on the state of tech disruption across various industries revealed, much of the manufacturing industry has failed to take proactive steps to defend against cyber attacks—which is a notable problem considering the growing threats the industry faces.

The study, which surveyed 300 U.S.-based technology decision makers about the evolution of their enterprise tech stack in 2019, found that of the five industries studied—manufacturing, financial services, ecommerce, healthcare/medical, and consulting/business services—manufacturing is significantly trailing the other four in terms of adopting next gen security solutions.

But as AVANT found, the manufacturing industry’s slow pace on evolving security isn’t an innovation problem. Compared to the other industries surveyed, manufacturing actually leads the pack on the digital transformation front, with 89% of manufacturers reporting an extreme degree of confidence in their digital transformation plans. By contrast, only 57% of financial services decision makers said they were extremely confident in their organization’s transformation agenda.

Instead, the problem for manufacturing is one of prioritization. Despite having sophisticated digital transformation plans, security largely doesn’t factor into those plans. One likely reason for this oversight is that manufacturers often don’t view themselves as being particularly susceptible to attack, given hackers’ propensity for financial, healthcare and identity-based data. After all, when was the last headline to discuss a major manufacturing data breach compared to, say, the flurry of reporting surrounding attacks on banks?

But the belief that manufacturers are somehow at lower risk doesn’t account for the actual prevalence of cyberattacks and the evolving threat atmosphere the industry faces. According to a recent Deloitte study of manufacturing executives, around four out of 10 said their organization had experienced a data breach that year. These breaches didn’t come cheap, either, with roughly 40 percent of the attacks costing more than $1 million. Nor are manufacturing-focused breaches set to become any cheaper or less frequent: As AVANT’s report points out, manufacturers' intellectual property is becoming increasingly desirable to sophisticated attackers like malicious outsiders and foreign governments.

 

Strategic Recommendations

As manufacturers become a lucrative target for bad actors with effective attack strategies, it’s imperative that industry leaders double down on cyber preparedness. Here are some of the essential steps all manufacturers should take to meet rapidly evolving security threats within their sector:

  • Look to outsource: Most organizations want to keep as many responsibilities as possible planted firmly in-house, both from a cost and control standpoint. However, security is one area where it can pay dividends to recruit outside expertise. By entrusting third-party providers with certain elements of security, manufacturers can reach a level of security they wouldn’t be able to achieve with traditional, in-house tools.
  • Recruit expert advice: One problem with outsourcing IT is that it’s hard to know where to start. With an abundance of resources and providers, it can be challenging to determine what specific solutions your organization needs to strengthen its security posture. Trusted advisors who help guide tech decision-making can play a pivotal role in bridging the gap between manufacturers and the tools they actually need.
  • Build internal security awareness: Even with the most robust tools and outside support, manufacturers will still fall short of security readiness if their staff isn’t cyber literate. Given that so many cyberattacks rely on human error and oversight, manufacturers should establish cybersecurity best practices in-house, and make sure these practices are followed.

 

For manufacturers, a lack of cybersecurity planning and preparedness all but guarantees an attack—and the monetary and reputational losses that inevitably follow. But by taking a proactive approach to evolving security, manufacturing leaders can put themselves in an advantageous position to meet both today’s and tomorrow’s security threats.

 

Written by:  Drew Lydecker, Co-Founder and President at AVANT, for Manufacturing.net.