Manufacturing Sector in 2022 Is More Vulnerable to Account Compromise and Supply Chain Attacks in the Cloud than Other Verticals

Staff Report

Wednesday, August 3rd, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today announced additional findings for the manufacturing sector from its global 2022 Cloud Security Report.

According to the survey, half (51%) of manufacturing companies experienced an attack on their cloud infrastructure within the last 12 months. The most common type of attack was phishing, reported by 73% of respondents.

Compared to other industries, the manufacturing sector turned out to be more prone to account compromise and supply chain attacks within the last year. 38% of respondents in this sector had to deal with account compromise at least once, while the average for all other industries was 31%. Similarly, 19% of manufacturing organizations experienced supply chain compromise but only 15% of respondents from other verticals reported this type of attack.

"The most common reason for cloud adoption in the manufacturing sector (cited by 57% of respondents) is supporting remote workers. Business pressure to grant remote access quickly to many workers leads to a wider attack surface and might be the root cause for the increased number of account compromise attacks," comments Dirk Schrader, VP of security research at Netwrix. "To mitigate this risk, manufacturing organizations should pay closer attention to identity management, especially for privileged accounts. A zero standing privilege approach is particularly effective in this situation since it creates accounts only on request and deletes them once the specified task is completed."

The survey also shows that cloud adoption in the manufacturing sector is progressing slower than in other markets. Indeed, while on average 41% of workloads are already in the cloud, manufacturing organizations have moved only 35% of their operations there. Lack of budget is the main factor slowing cloud adoption; 45% of respondents in this industry highlighted this reason, compared to 35% overall.

Another difference is that manufacturing organizations are more concerned about the cyber risks associated with their own employees. 48% of respondents consider their staff to be one of the biggest risks to data security in the cloud, which is 11% more than average. This affects cybersecurity decisions: In the manufacturing sector, 75% have implemented multifactor authentication and 70% audit user activity, compared to 69% and 58% respectively in the other industries. Moreover, 41% of manufacturing companies plan to start performing regular review of access rights.

"Cloud adoption is accelerating in the manufacturing sector: These organizations report that they expect 52% of their workloads to be in the cloud by the end of 2023, up from the current 35%. Fast implementation of cloud computing could cause security gaps. Paying close attention to securing all three attack vectors — data, identities, and infrastructure — will reduce the risk of infiltration and its consequences," adds Schrader.