Why cyber insurance is critical for manufacturing organizations
Manufacturers rely significantly on both emerging and legacy technologies to operate efficiently and at scale. The critical nature of these technologies, however, make them a frequent target of cyber attackers looking to disrupt businesses and capitalize on high-value, often unprotected assets.
The manufacturing industry faces increased cyber risks due to the use of operational technology (OT) for automation and remote access, as well as interconnected systems — all of which are critical to the manufacturing process. Ransomware attacks can knock these systems offline, causing serious delays, disruptions, and even unauthorized access to sensitive data and physical equipment. In particular, industrial control systems (ICS) in manufacturing facilities are often outdated and lack proper security protocols. The possibility of physical damage to manufacturing equipment due to a cyber attack is also a unique concern for the industry, underscoring the need to prioritize cybersecurity measures and cyber insurance to protect their operations.
How bad could one small security incident be?
$199,000
Average cost of a cyber claim for manufacturing organizations
59%
Percentage of cyber attacks originating from email inbox
$303,000
Average funds transfer fraud loss for manufacturing businesses
Unique exposures for manufacturing companies
How essential technologies can create cyber risk
End-of-life software & hardware
Organizations may use outdated technologies with the belief that upgrading would be expensive, time-consuming, and disruptive. However, technologies no longer supported by the manufacturer often have known security vulnerabilities and may lack important security features to protect against modern threats.
Enterprise resource planning (ERP) systems
ERP systems are crucial to manufacturing operations, consisting of processes, workflows, master data, and numerous interconnections with other internal and external systems. Cyber attackers are keenly aware of the valuable assets within these systems and frequently target them for the purposes of encryption and disruption.
Human-machine interfaces (HMI)
HMIs are used to control or monitor machinery, making them a common target of cyber attackers looking to disrupt manufacturing businesses. Unauthorized access to an HMI can cause operators to lose control of a machine and result in asset damage, destruction, or serious bodily injury.
Payment processing software
Funds transfer fraud and invoice manipulation are often major drivers of cyber claims. For manufacturing companies that use electronic payments, even one fraudulent transfer can have dire financial consequences.
Programmable logic controllers (PLC)
Similar to other industrial control systems, PLCs are used to monitor and control equipment in industrial and commercial environments. They’re also vulnerable to cyber threats that can compromise an entire business operation, including network-based attacks, physical attacks, and malicious software attacks.
Supervisory control and data acquisition (SCADA) systems
SCADA systems are a core component of manufacturing operations, used to manage and supervise machines and industrial processes. The devices used to run SCADA systems are typically connected to other IT systems and discoverable on the web, making them vulnerable just like any other internet-connected device. SCADA systems can also be difficult to secure with traditional cybersecurity technology and require compensating controls to sufficiently defend against cyber attacks.
How sensitive data can increase business liability
Financial data
Collecting and processing financial information requires adherence to industry standards. Mishandling or unauthorized disclosure of financial data can cause direct harm to customers or vendors and trigger industry and regulatory investigations.
Intellectual property
Manufacturing companies may work with patents, designs, prototypes, proprietary processes, and other sensitive information that they must keep confidential to maintain a competitive advantage and protect products from copying or theft. Unauthorized access to proprietary manufacturing methods or production equipment data can undermine an organization’s competitive advantage.
Legal and contractual data
Manufacturers may have access to contracts, legal agreements, and disputes, including settlements, judgments, and court orders. Mishandling confidential data can cause significant damage to the data owner.
Protected health information (PHI)
Some manufacturers may have access to health-related information, such as disabilities or injuries, for the purposes of accommodation and compliance. All PHI must be protected to ensure medical privacy and comply with Health Insurance Portability & Accountability Act (HIPAA) regulations.
For more insights, download our complete guide:
Business impacts for manufacturing companies
What to expect after a cyber incident
Direct costs to respond
Responding to a cyber event typically requires numerous direct costs, most commonly first-party expenses. If a manufacturer experiences BEC and sensitive data is involved, it can trigger a need for additional legal counsel, forensic investigation, victim remediation, and notification. Simple investigations can cost tens of thousands of dollars, while more complex matters can increase costs exponentially.
Liability to others
Many manufacturers face new and unexpected exposures after a cyber event. Though most do not collect large amounts of sensitive personal information, they may have access to corporate confidential data and systems; some must also comply with industry standards or government requirements for protecting data. This type of information and access is typically addressed in contracts and often carries strict information security and disclosure requirements in the event of a breach, exposing firms to cyber liability they may not anticipate.
Business interruption and reputation damage
Many manufacturers maintain a traditional IT environment for business applications, like email and ERP systems, as well as an OT environment for manufacturing activities. A cyber event that impacts either environment can have a significant impact on an organization’s ability to manufacture and ship products. Even short periods of disruption can lead to direct loss of revenue due to delays, missed shipments, or physical damage to production lines. Delays can also affect contractual obligations and have a negative impact on client retention and acquisition.
Cybercrime
Beyond ransomware and data breaches, cyber events can result in financial theft for a manufacturer or its clients — often without an actual breach. If an attacker dupes someone in the billing department to alter payment instructions, a business can lose tens or hundreds of thousands of dollars almost instantly. Attackers can also gain access to email accounts and send fraudulent invoices or payment instructions to clients, customers, and other third parties.
Recovery and restoration
After a cyber event, resuming operation is no easy task. If an attacker damages or destroys essential technology, data, or physical equipment, a manufacturer may need to bring in external support or purchase new equipment to re-secure systems. Full remediation, restoration, and recovery can take a significant amount of time, when possible, and may require purchasing new software, systems, and consultants to rebuild the network.
CYBER INSURANCE BUYER’S GUIDE
Choosing the right cyber coverage for your business
Cyber insurance is an essential aspect of modern risk management, offering coverage for the losses associated with data breaches, cyber extortion, business interruption, and other cyber-related incidents.
Coalition created a Cyber Insurance Buyer's Guide to help businesses navigate the complex cyber insurance market and confidently select the right coverage for their business.
Coalition’s products are offered with the financial security of Allianz Global Corporate & Specialty SE (A.M. Best A+ rating) and Lloyd’s of London (A.M. Best A rating).
