For years, healthcare has been a long-standing target of cybersecurity threat actors. Due to the highly sensitive nature of healthcare data, the government stepped in early to help regulate the industry with HIPAA to ensure healthcare professionals were taking the right measures to protect patient data. Now, cybercriminals may be looking for a new target.
In 2017, the U.S. government tapped several major industries with a big cybersecurity warning, including nuclear, energy, aviation, water, and manufacturing.
Manufacturing supply chains increasingly depend on technology, which means more and more access points are being created for threat actors to target. According to Information Buzz Security, the specific cybersecurity risks facing manufacturing create a unique opportunity for cybercriminals due to the huge amounts of data needed to manage processes with tiny degrees of tolerance. Most of the time, this data lives only a few degrees of separation away from public networks making it highly susceptible to cyber attacks.
To get an idea of what worst case scenario looks like, read the story of notPetya. It’s about a maritime giant responsible for 76 ports across the globe and nearly 800 seafaring vessels who was rendered completely idle in a matter of minutes after a cybersecurity attack.
The Biggest Threat Is Your Employees
According to a Deloitte Survey, four out of the top 10 manufacturing cyberthreats are directly attributable to employee action. Most cybersecurity investments involve securing your networks and computers. However, the real problem is human error. This is why the cybersecurity efforts of manufacturers has to include educating their employees.
As is stands, email is still the number one threat vector facing businesses today. Cybercriminals prefer the most direct attack possible, meaning less work and a better ROI for those criminals. Educate mid to lower level employees on the numerous phishing techniques, as they typically have less training in this area.
To get an idea of your organization’s level on information security, click here to take our cybersecurity self-assessment.