Kaspersky Lab’s researchers have discovered that more and more cyber criminals are turning their attention to malicious software that is mining cryptocurrencies at the expense of users’ mobile devices.Learn more >
According to a Kaspersky Lab survey of 3,900 IT professionals worldwide, industrial and production businesses have security priorities that are drastically different from service-based industries. Industrial sectors can value (or under-value) certain types of data far differently than other businesses, and even amongst different industrial sectors, security priorities can vary greatly.
Industrial Data Security Priorities: By the Numbers
The adage that “no two businesses are alike” is especially true when comparing businesses in corporate and services sectors (e.g., Education, E-Commerce, Healthcare) to industrial businesses. Kaspersky Lab’s survey classified respondents across 17 different business sectors, including the Manufacturing and Utilities & Energies sectors. These two industrial sectors stand apart from the others based on the designs of their IT networks – industrial machines managed by highly-specialized industrial software – and how these businesses have vastly different priorities for securing these networks.
To illustrate this point, the following tables show how these two business sectors responded to questions about what types of data they value the most, and what types of data they lose most often in security incidents. The tables also show how these response rates are ranked (e.g., highest, lowest) when compared to the responses of the other 15 business sectors included in the survey. These polarized responses show that industrial businesses value certain types of data more highly than any other type of business, and shows whether or not this data is being stolen at a comparatively higher rate.
What Types of Data Do You Fear Losing the Most?
What Types of Data Are Actually Being Stolen?
- Intellectual Property: 21% of Manufacturers reported losing Intellectual Property in the past 12 months (the fifth-highest rate), which seems to justify the sector giving Intellectual Property the highest “importance rating” (17%) of all 17 business sectors. Utilities & Energy suffered the lowest rate of stolen Intellectual Property, and assigned it the lowest rating of importance out of all 17 business sectors.
- Market Intelligence/Competitive Intel: The Manufacturing sector viewed Market Intelligence/Competitive Intel of just average importance, whereas Utilities & Energy ranked it the highest of all business sectors. Both sectors suffered from relatively high rates of Market Intelligence data theft.
- Customer Information: In short, neither the Manufacturing nor Utilities & Energy sectors are concerned about losing customer information…and with good reason, since they reported the third-lowest and lowest rates, respectively, of stolen customer information across all business sectors.
- Internal Operational Information: On the other hand, both Manufacturing and Utilities & Energy are highly concerned about losing Internal Operational Information (e.g., details of business processes). Almost half of all companies in both sectors reported losing some of this information to a data breach incident within the previous 12 months.
Industrial Security Challenges – Unlike Other Businesses
What this data illustrates is the fundamentally different approaches to IT security found in corporate environments and industrial environments. Corporate IT security is focused on data protection, but industrial IT security focuses on process protection. The data shows how highly these industrial businesses value the security of their internal processes, and also shows how securing customer data is a non-factor for these companies.
But this data also shows that the top concern of one industrial business might be a minimal consideration for another (e.g., importance of Intellectual Property). For example, Kaspersky Lab’s survey found 31% of businesses in the Manufacturing sector believe they are being specifically targeted by cyber-attacks. This was the second-highest rating across all sectors (behind Financial Services), but this high-level of concern was not reported in the Utilities & Energy sector, which had a below-average response to this question.
It’s clear that the IT networks and security priorities of industrial businesses require a different type of security strategy to meet their needs. Sophisticated industrial security is a more urgent need than ever, as sophisticated malware, such as Wiper and Shamoon, have specifically targeted industrial businesses and caused millions of dollars in damage. To learn more about Kaspersky Lab’s approach to industrial security, and to obtain a whitepaper discussing industrial security challenges, visit the company’s Critical Infrastructure Protection & Industrial Security business center, or read more analysis of malware attacks on industrial businesses on the Kaspersky Business Blog.
Articles related to Virus News
Kaspersky Lab DDoS Intelligence quarterly report: amplification attacks and old botnets make a comeback
Kaspersky Lab has published its report looking at botnet-assisted DDoS attacks for the first quarter of 2018Learn more >
Kaspersky Lab researchers have discovered a new variant of the SynAck ransomware Trojan using the Doppelgänging technique to bypass anti-virus security by hiding in legitimate processes.Learn more >