Quebec Industrial Barometer - 13th edition (2022) of the STIQ: What you should know in terms of cybersecurity.
The STIQ manufacturing group has just published the 13th edition of its industrial barometer. This barometer highlights the following elements concerning the cybersecurity of Quebec manufacturers:
- 27% of Quebec manufacturing organizations have experienced cybersecurity incidents in the last three years.
- The largest manufacturers, those who export internationally and those who are the most technologically advanced have suffered more cyber attacks.
- 63% of manufacturers rate the risk of cyberattack as high.
- 88% of manufacturers have implemented measures to strengthen cybersecurity in the past three years.
- 81% of manufacturers have hired an external firm for their cybersecurity.
Analysis of the barometer results
The manufacturing sector is attractive to hackers
The barometer indicates that 27% of Quebec manufacturers have suffered cyber attacks in the last three years. This rate is similar to the one observed across North America. For example, the IBM X-Force Threat Intelligence Index 2022 showed that in 2021, 28% of cyber attacks in North America concerned manufacturers. The same study indicated that the manufacturing industry was the most targeted by cyberattacks in North America in 2021. It is therefore clear that this sector was the most targeted by hackers in Quebec in 2021.
According to our experience with manufacturers, there are several reasons why this sector is targeted first by cyber attacks:
- Cyberattacks have immediate and serious consequences for manufacturers: production line shutdowns, lost sales, significant financial losses, etc. This unfortunately forces many manufacturers who are victims of ransomware to contact the hackers to negotiate a ransom payment.
- Hackers talk to each other a lot, and all cybercriminals end up knowing that manufacturers are more willing to negotiate a ransom payment than other sectors. This makes the sector attractive.
- Manufacturing networks are not very secure (existence of legacy systems, outdated or unsupported operating systems such as Windows 2008, XP, vulnerable OT/IoT, insecure remote access solutions, insufficient user awareness, etc.). This makes them easier to hack than other industries. Hackers prefer to attack weakly secured targets.
- Manufacturers have data that is very valuable to cybercriminals including intellectual property, personal information, etc. By targeting manufacturers, hackers also hope to gain access to this data. They could then threaten to publish it on the Internet if a ransom is not paid.
Solution: Manufacturers should take into account that they are a prime target for hackers and that they will continue to suffer from cyber attacks. Therefore, they need to define a clear cybersecurity strategy and make sure to identify and mitigate the main cyber risks that can target them. The following article provides insight into where to start in securing a manufacturing IT environment.
Awareness of cyber risks but slow to make decisions to enhance cybersecurity
Manufacturing organizations are aware of cyber risks but don't know where to start in defining and deploying an effective cybersecurity strategy. They also lack qualified internal cybersecurity resources and don't know how to estimate cybersecurity budgets, which doesn't help. This situation creates slowness and hesitation in making cybersecurity-related decisions.
Very often, it is the major cyber attacks (e.g. ransomware) that force manufacturing organizations to get out of their hesitation and act quickly to improve their cybersecurity.
Solution: Manufacturers should adopt a proactive attitude towards cybersecurity rather than only reacting to cyberattacks. This will allow them to minimize or negate the impact of cyber attacks that target them. Manufacturers should know the top 10 cybersecurity risks that can impact them. They must then ensure that they put in place the necessary measures to mitigate them.
Currently deployed security tools and measures are not sufficient
The study shows that 88% of manufacturers have implemented measures to strengthen cybersecurity in the last 3 years. One might ask why this sector suffers so many incidents when the vast majority of manufacturers say they have implemented measures to enhance their cybersecurity?
In our experience with manufacturers, there is confusion about the effectiveness of the cybersecurity measures they have put in place. For example, some manufacturers think they are safe from ransomware by making regular backups or replacing their antivirus with an EDR (Endpoint Detection and Response), which is not accurate.
Others think they have greatly improved their security by investing in a new firewall and antivirus. Again, this is an illusion, because an antivirus/EDR and a firewall are not enough to deal with today's cyber threats.
Solution: rather than basing their cybersecurity strategy on the implementation of technological tools, manufacturers should consider cybersecurity as a living process that must adapt to the evolution of cyber attacks. Therefore, they should establish a coherent cybersecurity plan with prioritization of actions to be taken in the short, medium and long term.
Cybersecurity is much more than a question of antivirus and firewall
The barometer indicates that 81% of manufacturers do business with external firms for their cybersecurity. When you consider the high rate of cyber attacks targeting manufacturers and the confusion regarding the protection measures in place, you might wonder if manufacturers are well advised in matters of cyber security?
Our experience shows that very often, manufacturers, due to a lack of information, entrust their cybersecurity to IT outsourcing firms whose cybersecurity expertise is limited to the installation of antivirus and firewalls. But cybersecurity is much more than just anti-virus and firewalls.
Solution: Manufacturers would benefit from doing business with firms whose core business is cybersecurity and not IT outsourcing. Before choosing a firm to support them with their cybersecurity, we strongly recommend that each manufacturer verify that the external firm has the required expertise.
Need help? StreamScan is here.
Whether you need help conducting a security audit, developing a security plan, or implementing a Managed Detection and Response (MDR) solution, StreamScan has experts with years of experience in the manufacturing sector who can help. Talk to one of our experts or call us at 1-877-208-9040.