Manufacturing is a Top Target for Cyber Criminals
Cyber security is a top-of-mind risk for organizations of all sizes and across all industries. This is especially true for manufacturers, as it is an industry norm for organizations to quickly adopt new, more efficient technologies—technologies that are often a target of cyber criminals.
In fact, according to the Insurance Institute of Canada, manufacturing is one of the top industries targeted by cyber criminals. While specific cyber exposures for manufacturers vary, they typically relate to the categories outlined in this article.
Data and Intellectual Property Loss
Almost every business stores sensitive information. For manufacturers, this typically includes personally identifiable information of employees and customers. Items like names, addresses and credit card information are all at risk in the event of a data breach.
A data breach can occur as the result of a number of incidents, including hacking, the loss of a laptop and unauthorized employee access. Data breaches can be incredibly costly for manufacturers, and expenses related to forensics, notification costs, public relations, crisis management, and fines and penalties can add up quickly.
What’s more, the theft of intellectual property (IP) is a top concern among manufacturers. If IP is stolen during a data breach, organizations risk losing their competitive advantage. IP is often a manufacturer’s most valuable asset—an asset that needs constant protection.
Further complicating matters for manufacturers is that systems are becoming increasingly connected, and sophisticated spear phishing attacks, mobile device challenges and state-sponsored attacks have each elevated the risk of IP theft.
One of the most important aspects of any manufacturing operation is its people. However, due to constantly advancing technology and the frequency at which employees are permitted to bring their own devices to work, manufacturers are increasingly exposed to new and disruptive cyber threats.
Four of the top 10 cyber threats facing organizations can occur as the result of employee negligence. Phishing scams, the abuse of IT systems, errors and omissions, and the unsecure use of mobile devices can all occur if employees are improperly trained or wish to do an organization harm.
Industrial Control Systems and Connected Devices
Industrial control systems are command network and system devices designed to monitor and control industrial processes. These systems are designed to promote efficiency and are often connected to the internet. While this connectivity is essential in modern manufacturing operations, it has created a new exposure for businesses to consider.
This type of exposure was demonstrated in late 2014, when hackers were able to take over the control systems at a German steel mill through the use of phishing emails. The hackers were then able to disrupt the control system to such a degree that a blast furnace could not be properly shut down, which, in turn, lead to an explosion and massive physical damage to the plant. This incident illustrates just how complex cyber exposures can be for manufacturers.
In addition to the risks above, there are a number of cyber threats in the manufacturing industry that can negatively impact an organization’s bottom line without warning. The following are some risks to be aware of:
- Third-party damages. When connecting with customers and vendors online, third-party damages can occur. Third-party damages can take various forms, but often occur when a virus is transmitted to another company or customer. When this happens, your organization could be held liable for any damages.
- Business interruptions. Manufacturing businesses often require the use of computer systems, and a disaster can halt your ability to transmit data and lead to lost revenue. Time and resources that normally would have gone elsewhere will need to be directed toward the problem, which could result in further losses. This is especially important as denial-of-service attacks by hackers have been on the rise. Such attacks block access to certain websites by either rerouting traffic to a different site or overloading an organization’s server.
- Cyber extortion. Hackers can hijack websites, networks and stored data, denying access to you or your customers. They often demand money to restore your systems to working order. Because a variety of manufacturing projects are time sensitive, delays of any kind can wreak havoc on an organization’s bottom line.
Protecting Yourself with the Right Coverage
To protect your business, cyber liability insurance should be used as part of your overall risk management strategy so you can address a cyber breach quickly and reduce possible damages. The following are possible exposures that may be covered by a typical cyber liability policy:
- Data breaches
- Intellectual property rights
- Damages to a third-party system
- System failure
- Cyber extortion
- Business interruption
Cyber liability insurance is specifically designed to address the risks that come with using modern technology—risks that other types of business liability coverage simply won’t cover.
The level of coverage your business needs is based on your individual operations and your range of exposure. It is important to work with a broker who can identify your areas of risk so a policy can be tailored to fit your situation.
© Zywave, Inc. All rights reserved