As everybody becomes more dependent on internet connectivity for work, recreation and socialization, we inevitably increase our risk of digital foul play.
Below is a look at five industries that are especially susceptible to cybersecurity threats. Thankfully, they’re also well-positioned to make “cybersecurity 2020” a top priority through cultural and technological investments.
The manufacturing industry has always been a prime beneficiary of emerging technologies. Interchangeable parts, assembly lines and equipment condition monitoring all helped build the world’s material goods supply chains into what they are today.
Manufacturing now finds itself in the middle of another industrial revolution. This one is focused on internet connectivity and data harvesting for enterprise planning, equipment maintenance and much more. Unfortunately, this digital infrastructure — the Industrial Internet of Things — often comes with a “look before you leap” mentality.
According to IBM, 82% of surveyed electronics companies are making IIoT investments without paying attention to the risks.
The manufacturing industry is growing more aware of the dangers of data-sharing between vendors and the potential risks of internet-connected infrastructure. The International Data Corp. projects that, through 2022, investments from the manufacturing and government sectors will lead U.S. investments in cybersecurity.
2. Retail and E-commerce
Brick-and-mortar and e-commerce retailers find themselves under constant attack from cybercriminals. It’s no surprise why — retailers increasingly depend on user tracking and data harvesting to better connect with leads, personalize the sales funnel and ultimately turn them into brand loyalists.
The retail industry routinely collects information on users’ general web browsing and social media activity to better understand how to reach a receptive audience. The collected data may include real-time location information, names, email and physical addresses, phone numbers and more.
Retail has been building a highly lucrative bread crumb trail of personal information for years, leading to huge data breaches at major retailers like Target, Kay Jewelers, Macy’s, Adidas, Under Armour and many more. According to reporting by one cybersecurity firm, as much as 90% of logins on e-retailer websites are performed using ill-gotten user credentials.
Retailers are responding accordingly. A 2018 data threat report from Thales found that 84%of surveyed retailers plan to increase their IT spending on cybersecurity in the years ahead, including 28% who said the investment would be significant.
3. Health Care
In the United States and elsewhere, virtually every health care provider is required to maintain and protect electronic health records (EHRs) for their patients. The benefits are enormous: Patients and doctors have easy access to files from anywhere, and vital health data can travel seamlessly with patients as they move between PCPs or specialists.
Data in the health care industry is valuable for another reason. This data can improve matchmaking in drug trials, help personalize medicines and care plans, and ultimately reduce costs for providers and patients.
Unfortunately, this highly sensitive data is useful to cybercriminals as well. Research indicates that private health care records can be several times more valuable on the black market than even credit card details. With personal health information at their disposal, data thieves can order medications, submit fraudulent insurance claims and more.
All this adds up to a potentially huge amount of cybersecurity spending across the health care landscape as providers get serious about the vulnerabilities of their infrastructure. Between 2017 and 2021, total cybersecurity spending in this industry is likely to exceed $65 billion globally.
4. Banking and Financial Services
Between 2013 and 2015, approximately 600 million customers had their credit or debit card information stolen or their banking records compromised. In what is the largest-ever data theft settlement in U.S. history, credit reporting bureau Equifax is on the hook for around $650 million in damages. The company’s mishandling of user data exposed 147 million customers’ financial details.
Digital technologies are so important to the banking and financial services industries that it goes by its own name: “FinTech.” Broadly, this refers to online and mobile banking portals, digital stock trading apps and point-of-sale technology.
Banks and credit unions are increasingly raising awareness among their customers of the potential vulnerabilities of online banking services and financial technologies. Customers can keep their cards and accounts safer by setting up alerts and learning what phishing attacks look like.
Most of the burden must fall on the shoulders of financial services companies themselves, however. This is why, according to a Deloitte survey, banking-related institutions are on track to raise their cybersecurity spending to around $2,300 per employee. Between 2016 and 2020, this will add up to approximately $68 billion in the U.S. alone.
5. Managed Services
Managed service providers, or MSPs, are companies that perform remote configuration and monitoring of their clients’ IT infrastructure. Therefore, it’s either ironic or inevitable that more MSPs are in the cybersecurity crosshairs than ever before.
In April 2019, the industry received a wake-up call when a ransomware attack on an MSP called Rockwell resulted in 22 Texas counties and towns losing access to their networks.
MSPs have deep access and intimate knowledge of their clients’ IT and cybersecurity buildouts, which makes them especially tempting targets. When it comes to MSP cybersecurity in 2020, throwing money at the problem isn’t enough.
Industry specialists predict a wholesale retuning of the business model itself. Small companies aren’t likely to sign a contract with an MSP plus another with a dedicated security firm. To stay relevant and competitive, MSPs must find a way to do both competently in 2020 and beyond.
Cybersecurity 2020: Everybody’s on Notice
Cybersecurity is everybody’s responsibility — but most of all, the burden rests on digital-first service providers. Consumers have some tools at their fingertips to keep themselves safe. Still, these measures are only useful when companies themselves understand the risks and make the right safety and technology investments.
Kayla Matthews writes about cybersecurity and technology for publications like Malwarebytes, Security Boulevard, InformationWeek and CloudTweaks. To read more from Kayla, visit her blog: ProductivityBytes.com.