Cyber risk in advanced manufacturing
How to be secure, vigilant and resilient
Manufacturers are driving extensive innovation in products, manufacturing process, and industrial ecosystem relationships in order to compete in a changing global marketplace. Given its focus on innovation and an increasing reliance on connected products, the manufacturing industry is particularly vulnerable to cyber risks. To assess the landscape, Deloitte and MAPI conducted a cyber risk in advanced manufacturing study. Deloitte surveyed 225 manufacturing industry cyber risk executives, bolstered by a series of 35 executive interviews to evaluate how manufacturing companies are confronting cyber risk issues.
Be secure, vigilant and resilient
The 'Cyber risk in advanced manufacturing' study examines six emerging themes. The results of this study may help manufacturers engage their senior leadership teams and boards in a deeper conversation on how to make their businesses secure, vigilant and resilient.
Six key themes for cyber risk in advanced manufacturing
Cyber risks in the industrial ecosystem
Given the highly connected environments manufacturers work in, and the pace of technological change they face, cyber risk is a top-of-mind industry issue. In fact, nearly 50% of the surveyed executives lack confidence they are protected from external threats. Study results indicate nearly 40% of manufacturing companies were affected by cyber incidents in the past 12 months, and 38 percent of those impacted indicated cyber breaches resulted in damages in excess of $1 million.
Six key cyber risk themes emerged in the ‘Cyber risk in advanced Manufacturing’ study as critical to manufacturers’ abilities to capture the business value associated with emerging exponential technologies, while appropriately addressing the dynamic cyber risk landscape, in order to protect and enhance value over the longer term.
Should a cyber breach occur, manufacturing companies must remain secure, vigilant, and resilient. To start this journey, manufacturing executives should consider the top 10 action items you can read about in the ‘Cyber risk in advanced manufacturing’ report.
Top 10 questions boards should be asking
As manufacturing companies and their boards begin to pay closer attention to cyber risk, there is a need for a more holistic understanding of cyber risk trends and leading practices to enable them to be prepared to ask the right questions around the company’s cyber risk profile, funding of key mitigation strategies, and how the cyber risk profile and threats are evolving over time. Here are 10 questions boards should be asking:
- How do we demonstrate due diligence, ownership, and effective management of cyber risk? Are risk maps developed to show the current risk profile, as well as timely identifying emerging risks we should get ahead of?
- Do we have the right leadership and organizational talent? Beyond enterprise systems, who is leading key cyber initiatives related to ICS and connected products?
- Have we established an appropriate cyber risk escalation framework that includes our risk appetite and reporting thresholds?
- Are we focused on, and investing in, the right things? And, if so, how do we evaluate and measure the results of our decisions?
- How do our cyber risk program and capabilities align to industry standards and peer organizations?
- How do our awareness programs create cyber-focused mindset and cyber-conscious culture organization wide? Are awareness programs tailored to address special considerations for high-risk employee groups handling sensitive intellectual property, ICS, or connected products?
- What have we done to protect the organization against third-party cyber risks?
- Can we rapidly contain damages and mobilize response resources when a cyber incident occurs? How is our cyber incident response plan tailored to address the unique risks in ICS and connected products?
- How do we evaluate the effectiveness of our organization’s cyber risk program?
- Are we a strong and secure link in the highly connected ecosystems in which we operate?
More information on cyber risk in advanced manufacturing?
Do you want to know more on the cyber risk in advanced manufacturing? Please contact Martijn Knuiman at +31 (0)88 2882941.