Headshot of Ben Sumner, Audit partner at Dannible & McKee, LLP

The Importance of Cybersecurity in Manufacturing

10.26.23

While manufacturers may not always sell directly to consumers, that doesn’t mean they are not at risk of a cyberattack. In fact, the risk of cyberattack for manufacturers can be greater than in other industries due to complex supply chains and reliance on modern technologies. While news media often gives heavy attention to data breaches that occur at large retailers or financial institutions, manufacturers are becoming more of a common target every day.

According to the IBM Security X-Force Threat Intelligence Index 2023 report, for the second year in a row, manufacturing was the world’s most cyberattacked industry. These cyberattacks are adding to the existing global supply chain issues that already exist due to the COVID-19 pandemic. The report shows that in 2022, 24.8% of cyberattacks across all industries are attributed to manufacturing, which is an increase from 23.2% in 2021 and 17.7% in 2020.

Exposing Vulnerabilities

Cybercriminals often target manufacturers because, in many cases, they’re more vulnerable compared to other businesses. The manufacturing supply chain is complex, consisting of an intricate network of suppliers, logistics firms, distributors, retailers and other entities, often connected by the internet. Members of the supply chain may have access to each other’s systems, which means that a vulnerability in one link can expose the entire chain to cyber risks.

Furthermore, manufacturers increasingly rely on internet-connected devices on the shop floor that can be monitored and operated remotely. However, the manufacturing industry has been slower than other industries to upgrade IT infrastructures and develop robust security practices designed to prevent, detect and mitigate cybercrime.

Hacking the System

Manufacturers’ systems generally don’t store customers’ credit card numbers and other sensitive data that criminals can use to perpetrate identity theft and similar crimes. Instead, cybercriminals target manufacturers to disrupt their operations and extort money.

One of the most significant threats to manufacturing companies is ransomware, a type of malware that encrypts data and makes files, databases and applications inaccessible. The attacker then demands a ransom to provide access. Ransomware can spread quickly across a network and cause significant disruption to manufacturing operations, including shutdowns in production lines, delays in product delivery and loss of revenue.

Another technique used by cybercriminals is stealing valuable intellectual property, such as patents, designs, manufacturing processes, research and development documents, customer lists, contracts, bidding information, business plans, marketing plans, and proprietary software, to sell on the black market.

Manufacturing companies are also not immune to ordinary fraud. For example, a cybercriminal may send a phony email from an actual vendor, asking the manufacturer to update its payment information which will send all future payments to a bank account the criminal controls.

The Risks of a Cybersecurity Breach

Cyberattacks can have severe consequences for businesses, including legal fees and recovery costs associated with a breach, damage to reputation and loss of productivity. In some cases, a company’s entire supply chain may need to shut down to stop the spread and disable malware from a cyberattack. According to a report from WebFx, cyberattacks cost US companies approximately $15.4 million each year, with a single cyberattack on a small business costing approximately $8,700 on average.

Smaller businesses are often less prepared to deal with cyberattacks due to having fewer resources devoted to cybersecurity. They may not be able to afford dedicated IT staff, have inadequate or nonexistent network security and/or lack a backup plan. These companies are most vulnerable and often cannot withstand the consequences of a cyberattack, including recovery costs, loss of vendors/customers, or a temporary shutdown of the business. In fact, according to a recent survey of 1,200 small businesses by Momentive on behalf of CyberCatch, 75% of small businesses stated that if they were hit with ransomware, they would only be prepared to continue to operate for up to a week. If having to pay the funds demanded was not bad enough for these businesses, the total disruption to operations would make such attacks even harder to withstand.

Minimizing Risks                                                                                          

To avoid potentially devastating cyberattacks, it is important to conduct a risk assessment. This process will take inventory of your hardware, software and data to identify any vulnerabilities. It’s critical to examine all the ways employees, vendors and other partners can access the network. In addition, monitoring third-party vendor security is increasingly important. Evaluate the policies and procedures of all existing vendors and new potential vendors to ensure their vulnerabilities don’t become your problem.  Companies can undergo service organization control (SOC) audits by certified public accountants that will result in a detailed report outlining the organization’s internal control design and operating effectiveness.  Don’t be afraid to ask vendors for SOC reports and/or other internal control documents.  Once the risk assessment is complete, implement internal policies, procedures and controls designed to prevent unauthorized access.

Taking proactive steps to avoid a cyberattack should also include cybersecurity training so that employees are able to recognize and react to threats to help protect sensitive information. Implementing strict password policies and multi-factor authentication can add an extra layer of defense against hackers. Frequent software updates and security patch scans help to address any areas of vulnerability and weaknesses in a company’s systems and ensure that sensitive information is safeguarded.

Equally important is to create an incident response plan to mitigate the damages in the event of a breach. Have a solid written backup plan that enables your company to resume operations if a hacker destroys or blocks access to data.

Adding Cyber Insurance

Another way businesses can protect themselves from cyber threats is by investing in cyber insurance. Nowadays, insurance carriers are well aware of the cyber risks facing modern businesses.  There are several types of insurance coverage available, but don’t assume your general liability coverage is enough.  Insurance companies can limit insurance coverage to specific ransomware claims or exclude coverage for other specific known vulnerabilities.  Insurance applicants are often required to provide more details about their data security control efforts before extending coverage, according to the 2022 Cyber Insurance Market Conditions Report published by insurance firm Gallagher.  Talk to your insurance carrier about options to protect against cyber threats.

Conclusion

The manufacturing industry remains highly vulnerable to cyberattacks, and the troubling trend of cybercriminals targeting this sector shows no signs of abating. It is crucial for manufacturers to take proactive measures to bolster their cybersecurity before it’s too late. By identifying the factors that contribute to their vulnerability and implementing robust cybersecurity measures, manufacturing companies can better protect their valuable assets and operations, ensuring continued growth and success of the industry.

 

Contributing author: Benjamin A. Sumner, CPA, is an audit partner with over 13 years of experience providing auditing, accounting and advisory services to a wide variety of privately-held businesses. For more information on this topic, contact Ben at bsumner@dmcpas.com or (315) 472-9127.