Manufacturing sector is more vulnerable to attacks in the cloud than other verticals, study finds

Aug. 5, 2022
Netwrix research reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.

(IRVINE, Calif. — Aug. 2, 2022 — Netwrix Release) — Netwrix, a cybersecurity vendor that makes data security easy, announced additional findings for the manufacturing sector from its global 2022 Cloud Security Report.

According to the survey, half (51%) of manufacturing companies experienced an attack on their cloud infrastructure within the last 12 months. The most common type of attack was phishing, reported by 73% of respondents.

Compared to other industries, the manufacturing sector turned out to be more prone to account compromise and supply chain attacks within the last year. Thirty-eight percent of respondents in this sector had to deal with account compromise at least once, while the average for all other industries was 31%. Similarly, 19% of manufacturing organizations experienced supply chain compromise but only 15% of respondents from other verticals reported this type of attack.

"The most common reason for cloud adoption in the manufacturing sector (cited by 57% of respondents) is supporting remote workers. Business pressure to grant remote access quickly to many workers leads to a wider attack surface and might be the root cause for the increased number of account compromise attacks," said Dirk Schrader, VP of security research at Netwrix. "To mitigate this risk, manufacturing organizations should pay closer attention to identity management, especially for privileged accounts. A zero standing privilege approach is particularly effective in this situation since it creates accounts only on request and deletes them once the specified task is completed."

The survey also shows that cloud adoption in the manufacturing sector is progressing slower than in other markets. Indeed, while on average 41% of workloads are already in the cloud, manufacturing organizations have moved only 35% of their operations there. Lack of budget is the main factor slowing cloud adoption; 45% of respondents in this industry highlighted this reason, compared to 35% overall.

Another difference is that manufacturing organizations are more concerned about the cyber risks associated with their own employees. Nearly half of respondents consider their staff to be one of the biggest risks to data security in the cloud, which is 11% more than average. This affects cybersecurity decisions: In the manufacturing sector, 75% have implemented multifactor authentication and 70% audit user activity, compared to 69% and 58% respectively in the other industries. Moreover, 41% of manufacturing companies plan to start performing regular review of access rights.

"Cloud adoption is accelerating in the manufacturing sector: These organizations report that they expect 52% of their workloads to be in the cloud by the end of 2023, up from the current 35%. Fast implementation of cloud computing could cause security gaps. Paying close attention to securing all three attack vectors — data, identities, and infrastructure — will reduce the risk of infiltration and its consequences," said Schrader.

Sponsored Recommendations

2024 Manufacturing Trends — Unpacking AI, Workforce, and Cybersecurity

The world of manufacturing is changing, and Generative AI is one of the many change agents. The 2024 State of Smart Manufacturing Report takes a deep dive into how Generative ...

State of Smart Manufacturing Report Series

The world of manufacturing is changing, and Generative AI is one of the many change agents. The 2024 State of Smart Manufacturing Report takes a deep dive into how Generative ...

Trying to Keep Pace with Supply Chain Disruption?

CPG manufacturers are struggling to keep up with supply chain disruptions. Learn how to build more resilient operations –and reduce demand shock.

Mitigating Cybersecurity Threats – Step-by-Step

Distributor Wesco adds services focused on identifying and solving OT network and security vulnerabilities in critical manufacturing.