The manufacturing sector is more vulnerable to account compromise & supply chain attacks than other verticals


Netwrix, a cybersecurity vendor that makes data security easy, today announced additional findings for the manufacturing sector from its global 2022 Cloud Security Report.

According to the survey, half (51 per cent) of manufacturing companies experienced an attack on their cloud infrastructure within the last 12 months. The most common type of attack was phishing, reported by 73 per cent of respondents.

Compared to other industries, the manufacturing sector turned out to be more prone to account compromise and supply chain attacks within the last year. 38 per cent of respondents in this sector had to deal with account compromise at least once, while the average for all other industries was 31per cent. Similarly, 19 per cent of manufacturing organisations experienced supply chain compromise but only 15 per cent of respondents from other verticals reported this type of attack.

“The most common reason for cloud adoption in the manufacturing sector (cited by 57 per cent of respondents) is supporting remote workers. Business pressure to grant remote access quickly to many workers leads to a wider attack surface and might be the root cause for the increased number of account compromise attacks,” comments Dirk Schrader, VP of security research at Netwrix. “To mitigate this risk, manufacturing organisations should pay closer attention to identity management, especially for privileged accounts. A zero standing privilege approach is particularly effective in this situation since it creates accounts only on request and deletes them once the specified task is completed.”

The survey also shows that cloud adoption in the manufacturing sector is progressing slower than in other markets. Indeed, while on average 41 per cent of workloads are already in the cloud, manufacturing organisations have moved only 35 per cent of their operations there. Lack of budget is the main factor slowing cloud adoption; 45 per cent of respondents in this industry highlighted this reason, compared to 35 per cent overall.

Another difference is that manufacturing organisations are more concerned about the cyber risks associated with their own employees. 48 per cent of respondents consider their staff to be one of the biggest risks to data security in the cloud, which is 11 per cent more than average. This affects cybersecurity decisions: In the manufacturing sector, 75 per cent have implemented multifactor authentication and 70 per cent audit user activity, compared to 69 per cent and 58 per cent respectively in the other industries. Moreover, 41 per cent of manufacturing companies plan to start performing regular review of access rights.

“Cloud adoption is accelerating in the manufacturing sector: These organisations report that they expect 52 per cent of their workloads to be in the cloud by the end of 2023, up from the current 35 per cent. Fast implementation of cloud computing could cause security gaps. Paying close attention to securing all three attack vectors — data, identities, and infrastructure — will reduce the risk of infiltration and its consequences,” adds Schrader.