Actions and consequences
The cyber fraud industry that rapidly grew during the pandemic is showing no signs of slowing down. Around a third (31 percent) of UK businesses experience cyber-attacks or breaches at least once a week, according to new figures published in the government’s Cyber Security Breaches Survey 2022 report. Manufacturing companies now account for nearly a quarter of all ransomware attacks. In recent years, damaging cyber-incidents like the 2021 Colonial Pipeline attack have highlighted the need for manufacturers to treat cybersecurity as a critical operational priority.
At $4.4m, the Colonial Pipeline ransom payout was one of the largest in history, but the collateral damage inflicted was even greater, with President Biden saying the US Government took ‘extraordinary measures’ to mitigate the physical effects of the temporary oil shortage. Financial loss, reputational damage and customer mistrust are just a few of the effects a successful breach can have on a business.
At board level, the chief of a $1.2tn oil fund in Norway recently stated that cybersecurity was a bigger concern than market movements. For organizations to fulfill their financial potential in 2023, mitigating cyber-risk at all levels of their operations should be prioritized, but real change often comes from the top.
The evolving industrial CISO
As of 2022, just 12 percent of Chief Information Security Officers (CISOs) sit on their company’s board. Although growing awareness of cyber-risk has seen organizations investing more in cybersecurity, nearly half of all manufacturers in the UK have been or are currently falling victim to cyber-crime according to MAKE, the industry trade body, ranking the sector in the top five most prone to successful cyber-attacks.
Gone are the days of manufacturing CISOs managing solely tangible assets in a physical environment. Digital transformation has ushered in a brave new world, not just for CISOs, but for the directors they answer to, with nearly half of manufacturers in the UK now prospering from the advanced stages of digital transformation. Done effectively, digital transformation married with effective cybersecurity can drive commercial results.
Reporting is a crucial indicator of cybersecurity posture, but in this new technological age it is no longer about what you think you know, but rather what you can prove to an auditor, regulator or board member. Organizations utilizing performance-based data in cybersecurity reporting means CISOs can compete with Chief Technology Officers (CTOs), or Chief Financial Officers (CFOs) when reporting to their board with visceral data on how well their program is performing. However, attacks on infrastructure come in many guises, which makes it imperative for businesses to stay one step ahead of the adversary.
Methods of attack in 2023
An advanced digital infrastructure means an increased attack surface, providing more pathways for adversaries intent on infiltrating systems and stealing sensitive data. The abundance of intellectual property present in the manufacturing sector also means firms often rely on technical software packages that can be hard to patch against recent exploits, making them vulnerable to increasingly sophisticated cyber-threats. If a system is smart, it is vulnerable.
In 2023, however, social engineering attack methods such as phishing will be as damaging as highly sophisticated attacks targeting key assets. Employing zero-trust models and automation in cybersecurity environments can counter these known threats by authenticating, authorizing and continuously validating internal and external users.
The International Data Corporation (IDC) this year stated that cybersecurity is now a ‘priority business investment’, with automation acting as a ‘force multiplier by taking routine tasks off the plate of cybersecurity, allowing specialists to focus their effort on adding higher-level value to the organization’.
Automated Breach-and-Attack Simulation (BAS) helps cybersecurity teams continuously stress test and validate their people, processes, and technologies. By moving away from episodic, point-in-time, manual testing methods, organizations can realize both team productivity improvements and cost savings. According to IDC, BAS capabilities can help cybersecurity teams discover and remediate gaps in their security posture, delivering key security outcomes such as strengthening cyber defense and helping IT and security teams do their jobs better and faster.
To meet the needs of a modern threat landscape, manufacturers must adapt to an ‘assume-breach’ mindset of when, rather than if, an attack will happen, and utilize an ‘evidence based security’ method of making informed decisions about their cybersecurity program. An organization’s board needs to be kept informed of their cybersecurity posture with performance data-driven insight, rather than box checking exercises. By enhancing visibility within their cybersecurity program, manufacturers won’t be entering 2023 blindfolded.
For a list of the sources used in this article, please contact the editor
Andrew Habibi Parker
Andrew Habibi Parker is Technical Director of EMEA for Cybersecurity firm AttackIQ, the leading independent vendor of breach and attack simulation solutions. AttackIQ built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. AttackIQ is trusted by leading organizations worldwide to plan security improvements and verify that cyber defenses work as expected, aligned with the MITRE ATT&CK framework.