Cybersecurity should be ignored by businesses at their own peril. No matter how seriously a company believes it is safeguarded for potential data breaches or other cyber threats, are they really doing everything they can to ensure their business, or more importantly, their customers, are protected?
Cybersecurity. Credit: Song_about_summer / Shutterstock
Credit: Song_about_summer / Shutterstock
New research carried out by Cybersecurity firm FoxTech claims to have found the top five industries most at risk from attack.
Read more: Cybersecurity relies on talented workers - how do we inspire talent?
Companies were audited across a wide range of industrial sectors, and "cyber risk" scores were calculated using publically available information, which offered the firm an immediate idea if a particular company was at risk of a breach. The highest scores were often attributed to the following sectors:
1. Software development
This one is unsurprising given it is currently one of the booming tech sectors. Any industry that relies heavily on computers for storage, work and business will be a prime target for cybercrime.
2. Publishing
Number two on the list hits a little close to home, particularly if the majority of the content produced appears online. One attack could demolish servers, delete years of data, breach accounts and even open up other, similar businesses (if there are multiple publications under the same company) to similar attacks - all leading to the potential for massive monetary losses.
3. Research and development
Like many high-risk industrial sectors, such as energy attacks against any kinds of industrial holdings, the severity of crimes against R&D firms depends on the type of research being conducted. Cyberespionage or cyberterrorism attacks against certain types of firms could have disastrous consequences, such as diseases being released, dangerous chemical leaks or even national security breaches should the research be conducted by a nation's government.
4. Transportation, freighting, trucking, railway
Attacks against core societal infrastructure could cause a number of issues, ranging from production delays found with workers not arriving to work on time, to the complete disruption of industrial supply chains, which could have severe effects on domestic and international economies.
While not the result of a cybersecurity attack, should you want a prime example of how a seemingly minor supply chain disruption can have more severe effects, look at the Suez Canal crisis from earlier this year.
5. Civil engineering
Much of civil engineering is being driven by the digital transformation and disrupting it could cause severe delays or even threaten the structural integrity of a building should the attack come during the construction phase, all with the potential to cause massive losses for the public and private sectors.
But, what leads to cybercrime?
The issue is often not that companies do not care about cybersecurity, but that they are simply unaware their IT infrastructure is at risk.
"In many cases, companies will be entirely unaware that the antivirus or endpoint protection software they have invested in simply isn’t robust or far-reaching enough to prevent a cyber attack from occurring", FoxTech CTO Anthony Green said.
"Alternatively, companies might be under the misapprehension that they are safe from attack because they have invested in cloud-based services. Sometimes, a company can be exposed by something as simple as poorly managed user accounts, software that is out of date or inadvertently leaving their database visible to the internet and therefore exposed to hackers".
FoxTech reports hackers spend an average of 207 days between breaching a company's IT security and finally exploiting it. It is prudent to note breaches are often a gradual process rather than a sudden attack happening - a common misconception about cybercrime.
Read more: Operational cybersecurity and the new industrial frontier
But what's the answer?
Green suggests companies remain constantly up-to-date with any potential cybersecurity risks to minimise, to the best of their ability, the risk of attack from constantly evolving threats.
“The best thing to do for any company is to arrange a cybersecurity audit of their IT systems, process and procedures", he said. "This won’t necessarily be through their IT provider, but often through independent companies who specialise in analysing potential threats".
Back to Homepage
Back to Technology & Innovation