Deloitte Survey Finds Manufacturers Highly Vulnerable to Cyber-Threats

A Deloitte study finds that manufacturers are ill-prepared to defend themselves from cyber-attacks and data breaches, leading to revenue and production losses.

Top executives at manufacturing companies are extremely concerned about security risks. In fact, nearly 50 percent of respondents said they aren’t confident they have the technology and know-how to protect their companies from threats.

One of the problems with protecting against threats is having adequate funding. However, 48 percent of executives said they don’t have the cash they need to keep their operations safe from the many threats they face.

When analyzing the biggest threats they face, 36 percent of executives said that adequately protecting their IP networks is a top concern. Enterprise networks aren’t nearly as safe as executives would want, the executives said.

Industrial control systems (ICS) are critical to manufacturing activities. However, just 50 percent of companies segment or isolate ICS networks from their standard networks. That translates to 50 percent of companies facing ICS trouble if their standard networks are breached.

Assessments can make the difference between a secure network and a breached network. But 31 percent of executives said they’ve never conducted an ICS assessment. What’s more, just half of respondents said they test for ICS vulnerabilities at least once per month.

Over the last 12 months, 39 percent of companies that responded said that they had fallen victim to a network security breach. Still, 27 percent of companies don’t include ICS in their incident response plans, according to Deloitte’s study.

When a major manufacturing company experiences a breach, the costs are massive. More than a quarter of respondents—about 28 percent—said their breaches cost them between $1 million and $10 million.

War gaming gives companies the opportunity to try out different hacking scenarios so they can learn the best way to respond and react quickly. Some security experts say it’s a key component in any security plan. However, just 12 percent of executives said their companies engage in war games.

When hackers actually breach manufacturing networks, often they’ll find their way in by targeting employees in phishing attacks, the Deloitte survey shows. A full 40 percent of respondents said the attacks they faced were caused by a hack that targeted employees.

A lack of the right security skills is contributing to security vulnerabilities in the manufacturing industry. Three-quarters of executives said they don’t have the IT resources they need to protect their companies and sidestep threats.