Do Manufacturers Need Cyber Insurance?
Although ALL industries are at risk of cyber attacks now more than ever, did you know that manufacturers make the top 5 list of industries being targeted the most by cyber criminals according to Forbes?
That’s because digital systems such as IoT, shop floor controllers, and monitoring platforms have enabled the interoperability of different teams in the manufacturing industry to streamline processes.
Unfortunately, this convenience has also drawn the attention of cybercriminals for data theft or ransom demands capable of disrupting operations on a massive scale with global repercussions.
Here are five notable [and extremely costly] cyber risk exposures manufacturers face:
- Extortion: An organization’s security is only as strong as the judgment of its employees. All it takes is one employee clicking on what appears to be an innocent link, but it is actually malware, for all of the company’s data to be encrypted within seconds. A hacker will then contact the organization asking for a “ransom” ranging from a few thousand dollars to millions to decrypt the files.
- Forensic and Notification Costs: Should there be a cyber attack, the Manufacturer will need to engage a forensic investigator ($250-$500/hr) to determine the scope of the attack and if any sensitive data such as employee records or confidential corporate information was breached.
- System Damage: Manufacturers rely heavily on their computer systems to properly fill orders. Damage to a manufacturer’s computer system could be devastating and lead to defective products or a complete halt in production.
- Business Interruption: Manufacturers will experience a direct financial loss every hour that their systems are down. They will incur unexpected additional costs such as sourcing products by alternative means and paying staff overtime to meet deadlines.
- Social Engineering: Believe it or not, Cyber Crime (aka Social Engineering) is one of the most frequent claims in cyber insurance to date. Cybercriminals will trick financially responsible employees of the manufacturer to send money to a fraudulent bank account. Hackers have become patent and will open sit in the system undetected monitoring and intercepting email activity before executing their scam. Their tactics range from posing as the CEO, a vendor, or a client to simply creating fake employee profiles in the payroll system to siphon money out.
There are simple and effective measures that manufacturing businesses can put in place to be better prepared for emerging cybersecurity threats. These include having a formal incident response plan, effective backup strategy and testing, multi-factor authentication (MFA), Data Retention Policies, and endpoint Detection and Response (EDR) to name a few.
I won’t go into the weeds with technical IT details. That’s for the IT professionals to decide such as your in-house IT team, managed IT provider, or cyber security consultants to help develop. I suggest having your IT provider work in union with a quality cyber insurance policy so that you are prepared in the event of a data breach.
I work with some quality IT professionals and cyber security companies that I can recommend if you need help with this. Just reach out and ask if you need it.
Remember, there’s a reason why manufacturers make the top 5 list of industries being targeted the most by cybercriminals. You don’t just need to hold personally identifiable information to have a cyber exposure. The world is basically run on the cloud now and there’s no hiding from the cyber risk exposures prevalent in today’s technology-driven world.
Credit: Evolve MGA