Manufacturing businesses are particularly vulnerable to cyberattacks owing to their focus on innovation and increasing reliance on connected products, a multinational professional services firm said in a recent study.
’s study, titled Manufacturers Alliance for Productivity and Innovation
), revealed that 40% of manufacturing companies were impacted by cyber incidents in the past 12 months, and 38% of those affected suffered over $1 million in damages, BetaNews
Study findings also showed that four of the top 10 cyber threats confronting manufacturing companies involve internal employees − phishing/pharming, direct abuse of IT systems, errors/omissions, and use of mobile devices.
The study also listed the top data concerns among manufacturers. Topping the list is intellectual property, at 36%; followed by consumer data (32%), unauthorized/accidental disclosure of personal information (29%), web-enabled systems and services (26%), and managing third-party information sharing (25%) completing the top five.
also found that while 87% of manufacturing companies have an incident response plan in place, only 36% have it documented and tested. Furthermore, 37% of respondents were found to not include connected products in their incident response plans, which signals the need for a more holistic approach to cyber risk, Deloitte
Brian Clark, partner at Deloitte
& Touche LLP, and co-author of the study, told BetaNews
: “The pace and impact of innovation, coupled with cyber security risk, creates a risk environment that must be carefully managed.
“Product innovation can rapidly make existing products obsolete, potentially delivering considerable value to the innovator while leaving the unprepared facing competitive disadvantages.
“Further, technological innovation enables the manufacturing business model more, but can present a strategic risk as well. For manufacturers to thrive amid the ever-changing risk landscape, a company’s risk assessment practices should align with those changes.”
The study listed six key areas of risk for manufacturing businesses. These are: executive and board engagement, talent and human capital, intellectual property, industrial control systems, connected products and the industrial ecosystem.
Les Miller, internal audit council director and deputy general counsel of MAPI, told BetaNews
: “Organizations should establish a risk assessment program that fits into its unique culture and risks. Since change is constant and can occur suddenly, ongoing efforts to enhance the sophistication and variety of risk assessment techniques are needed.”
Access the Deloitte
Cyber attack: ignorance and inaction are no defence
ASX top 100 to undergo cyber health check