What Industries are at Greatest Risk for Cyberattacks?
posted Nov 30, 2017 by Daniel M. Andrea, CPA, CITP, CISA in the Business Blog
Though cyberattacks plague organizations of all shapes and sizes, some industries are especially inviting to cyber criminals. Read more about the industries that are most susceptible to attack and why this is the case for them.
Healthcare continues to be the number one most targeted industry for cyberattacks in 2017. Because of the general lack of necessary funding, the healthcare industry has suffered many breaches. The likely cost of a cyber breach in the healthcare industry is $200 for every patient’s compromised record. The sheer volume of patient data stored in hospitals and medical offices makes any cyberattack extremely threatening for the industry’s wellbeing.
What should healthcare professionals do?
Facilities aren’t always equipped to ward off breaches, and many have outdated systems and are understaffed. Hackers prey on this weakness because they know how valuable medical information is. They know that hospitals and other medical facilities will pay to get the data back, and ensure that patients are tended to. Healthcare professionals should create an inventory of all equipment, and what software is running in the facility. Prioritize what devices need attention first- life-critical devices like ventilators should be given priority, for example.
Financial institutions and banks are particularly vulnerable because of the amount of credit card and bank account information held there. Financial institutions have invested more money in cybersecurity over the last few years to fight this problem. The risk has evolved from financial theft and fraud to more complex and serious consequences like theft of intellectual property, business disruption and reputation damage.
What should finance professionals do?
At financial service firms, hackers exploit flaws in security programs that allow them to get access to common attack targets like laptops, tablets and smartphones. These endpoints are vulnerable because in order to be fully protected, they require robust security protocols and effective education for employees. It would benefit you to ramp up your security protocols by establishing a consistent set of internal controls, and meet with your employees and make sure everyone is on the same page with these protocols.
The manufacturing industry is particularly vulnerable to cyber risks because of its focus on innovation and reliance on connected products (in other words, products embedded with sensors, software, etc. that allow data to be exchanged between the product and outside forces).
What should manufacturers do?
- Identify all your assets and understand where threats are likely to come from. Penetration testing can help with this.
- Conduct ongoing vulnerability scanning. A network vulnerability scan detects and classifies weaknesses and predicts the effectiveness of countermeasures.
- Implement access control measures- An access control measure is a security technique that regulates who or what can view or use resources in a computing environment. Using these prevents a hacker from accessing other parts of the system in case a component is compromised.
There is no single set of standards that are relevant to all industries; however, it is important for all organizations to invest in employee education. Employees are the first and last line of defense, and according to a recent IBM Report, over 60% of breaches are due to human error.
According to a recent study, the global cybersecurity market will exceed $202 billion by 2021, spending driven largely by cybercrime, making it more important than ever before to educate employees on cyber awareness. Contact our Information Security Services Team for further guidance.