How manufacturers can combat cybersecurity threats

Earlier this year Canadian airplane manufacturer Bombardier confirmed it was the victim of a cybersecurity breach. As more and more manufacturers digitise and move their processes online, their risks move with them.¹ This has presented new opportunities for cyber-criminals to target production lines and damage not only the technology but the physical infrastructure too.²

Top five cyber threats for manufacturing companies³

1. Phishing scams: This is where cyber-criminals create an email to look like it has come from a trusted source. The email is designed to tempt a recipient into sharing sensitive information, download malware or visit an infected website. Could you spot a phishing email scam? Take our interactive test to find out!
   
   
2. Ransomware: This attack technique uses malware to encrypt a victim’s entire computer system. Leaving it out of action unless a ransom is paid. Some estimates suggest that companies fell victim every 11 seconds in 2021 at a cost of more than £14b worldwide.⁴
   
   
3. Internal breaches: Unfortunately, employees can make a range of mistakes that may lead to data breaches. This could be from failing to install software security updates, to using weak passwords and falling for scam emails. Human error can have devastating consequences on data protection and system security. Learn more about the common data security breaches caused by employees.
   
   
4. Intellectual property (IP) theft: With high levels of competition within the manufacturing sector, theft of sensitive commercial data, such as blueprints and in some cases third part IP, poses a big threat for manufacturers.² Protect your big ideas with intellectual property insurance.
   
   
5. Supply chain attacks: These attacks involve hackers targeting one business in order to gain easier access to the systems of its customers or suppliers. Attacks of this type are on the rise and can be particularly damaging for the business through which access was originally gained.⁴

The interruption caused by a cyber-event at one or multiple factories could have big consequences. From defective products, to production downtime, physical damage, and in the worst case even injuries and deaths.² This could all lead to lost custom and reputational damage. It is critical manufacturers understand cyber risk. And put a suitable plan in place to help combat the threats.

Cyber security solutions for manufacturing companies

How long would you be forced to close if your business suffered a major cyber attack that prevented automated production? And what impact would this have on revenue, brand, reputation and customer contracts?

By adopting some of these approaches you can help combat cyber-criminal activity:

• Carry out a cyber security review: A cyber security review is a detailed process of identifying potential threats and their impact. It assesses existing cyber security to look for weaknesses and how you can address them.⁵ These reviews are vital for maintaining robust cyber security and are a good first step for any business. Marsh Commercial recently partnered with Connectus, a specialist IT and cyber risk consultant, to offer a menu of cyber and IT solutions including a complimentary IT and cyber review. Find out more and book your review here.
  
  
• User awareness training: Educating users in cyber security is essential. Many attacks rely on ‘tricking’ users into clicking on malicious links and attachments in emails. User awareness training can help employees to spot and avoid potential cyber threats.⁶ Our manufacturing hub features a range of articles and tools on cyber to help get you started.
  
  
• Multi-factor authentication (MFA): The use of two-factor authentication rose by 18% in 2020 and was in use by 82% of businesses.⁷ MFA is a way of strengthening the user login process. It can be useful in securing remote working systems by requiring every login to be authenticated via a code sent to a second device.
  
  
• Review cyber insurance arrangements: Unfortunately no business can entirely remove cyber risk. That is why cyber insurance can be so important. It is there to step in if the worst should happen. Helping with legal costs and damages, computer system clean-up and repair, and other costs related with rectifying the issue. Your existing commercial insurance may offer some level of coverage. But a cyber liability policy is essential to properly managing the risk within your business.

If you wish to discuss any of points raised in this article, contact Selena.kearvell@marsh.com. Or speak to your Marsh Commercial advisor who will be more than happy to help.

<sup>Sources:

1. cfcunderwriting.com/en-gb/resources/articles/2021/06/how-to-sell-cyber-insurance-to-manufacturers/
2. marsh.com/ae/en/industries/manufacturing/insights/manufacturing-cyber-challenge.html
3. bitlyft.com/resources/cyber-threats-manufacturing-companies
4. en.wikipedia.org/wiki/Supply_chain_attack
5. wizardcyber.com/assessment-services/cyber-security-review/
6. financesonline.com/cybersecurity-trends/
7. securitymagazine.com/articles/93722-uk-sees-a-31-increase-in-cyber-crime-amid-the-pandemic</sup>