Trust is nothing new in cybersecurity. Since 2015, for example, 86% of security professionals working in the energy industry have told Tripwire that they are confident they can detect a breach within a week. Just under half (49%) said it would take them no more than a day to detect an attack.
It was the same story a year later when Tripwire interviewed infosec professionals in the retail industry. Most (95%) of those surveyed said their organization could detect a breach within a month. This was the case even with 48% of survey participants admitting that their breach detection products were only partially integrated.
However, these statements did not correspond to the reality of the time. As an example, Mandiant’s 2015 M-Trends report indicated that the average period to detect an advanced persistent threat was 205 days. The 2015 Data Breach Investigation Report gave a similar estimate when it said two-thirds of targeted attacks take months to be detected.
These findings raise the question: does this excess of confidence still shape the expectations of security professionals? What is the situation in other sectors?
New decade, same confidence
Make UK answered this question by sharing the results of its 2021 cybersecurity survey. Indeed, almost nine in ten respondents (87%) in the manufacturing sector told the UK Manufacturers’ Organization that they had the necessary tools, processes and technologies to prevent or protect against a security incident. When asked to specify which tools they use, 97% of manufacturers said they use antivirus software and firewalls to secure their web connections. Just under (90%) indicated they were using network and system wide updates.
About the same percentage (91%) went on to say that they had the resources to adequately assess digital security risks.
Once again, however, it appears that security professionals are overconfident in preparing for violations by their employer. How else could 47% of manufacturing companies surveyed by Make UK experience a digital attack between May 2020 and May 2021? Of those victims, 63% said the attacks cost them up to Â£ 5,000. More than a quarter (26%) revealed that the incidents were priced as high as Â£ 50,000, while 6% said they lost more than Â£ 100,000 in these attacks.
Detecting and responding to incidents doesn’t get any easier for manufacturing, either. This is because attacks against this industry are generally on the rise. Beazley found that the number of ransomware attacks reported to its breach response services increased 156% between Q4 2019 and Q1 2020, for example. Likewise, NTT saw a 300% increase in the number of targeted digital attacks against manufacturing companies for the remainder of the year. This threat activity helped make manufacturing the second most attacked industry in 2020, IBM reported.
Behind the statistics
Several factors are behind this growing number of digital attacks in the manufacturing sector. First, manufacturers are joining with other organizations to embark on their digital transformation. As cited by Make UK in its report:
Research from Make UK tells us that manufacturers are turning to smarter manufacturing models. While this should be encouraged, businesses should also be aware that increased digital connectivity can lead to increased vulnerability, especially as connected products are often used to store and transmit sensitive data, sometimes outside of the office. company itself, opening up opportunities for a cyber attack. , especially around data theft.
Second, manufacturers do not implement the necessary safety measures to deal with these risks. Antivirus software and firewalls offer some levels of protection, but they don’t do much against more sophisticated attacks such as fileless malware and network incidents involving lateral movement. Additionally, nearly half (44%) of manufacturers said they were not offering security training to their staff at the time of the Make UK survey, with (66% admitting that digital security was not a regular item on their monthly council agenda.
The problem here is not always overconfidence. Some manufacturers don’t know where to start. Meanwhile, others (59%) said the cost of creating a digital security program made it difficult for their organizations to better defend themselves against digital threats.
How Manufacturing Organizations Can Move Forward
Manufacturing companies need a cost effective way to defend against digital attacks. To this end, Make UK includes 10 tips from the National Cyber ââSecurity Center (NCSC) at the end of its investigation. These include the following four recommendations:
- Use a risk management program to assess the risks facing their information and systems. It is crucial for manufacturers to have complete visibility of their environments to obtain an accurate vulnerability and risk profile. Next, they need to be able to monitor their corporate assets, industrial networks, and DevOps environments.
- Improve their ability to detect malware. The way to do this is to have an automated way to receive detailed reports on relevant system changes as they occur. It is also useful to have the ability to analyze suspicious behavior of files in quarantined environments so that their production systems always remain safe.
- Manage the secure configurations of their assets. Organizations can only be successful if they have the full network visibility mentioned above. With this comprehensive view, it will take less time for organizations to detect instances of configuration drift and return their assets to their designated credentials.
- Make sure they have the means to detect and investigate an incident. It starts with the intelligence of real-time changes. From there, organizations can use this information to bridge the gap between their IT and security teams. This will save time and resources when it comes time to investigate potential threats.
For more advice on how to protect your manufacturing organization from digital threats, download your copy of the Make UK survey here.