Industry insights
Manufacturing
Manufacturing organizations do not have the same legacy experience as data-intensive industries, such as financial institutions. Today, manufacturing is seeing an acceleration in the pace of technological change evidenced by the digital global supply chain, connected devices such as Human Machine Interfaces (HMI), Industrial Control Systems (ICS), and the Industrial Internet of Things (IIoT).
How does the manufacturing industry stack up?
2.2 (basic)
The average CyQu rating for manufacturing organizations globally is 2.2/4 (basic).
What this means
This rating indicates that cyber security maturity is at a basic level. Organizational cyber security risk management practices and technologies are not formalized. Risk is managed in an ad hoc and sometimes reactive manner. Risk management practices and technologies are not established.
Explore the most pertinent cyber risks to manufacturing organizations, map them to key cyber security controls, and determine actions your organization can take to close cyber security gaps.
Click below (+) to learn more
*Aon's Cyber Quotient Evaluation (CyQu) is a comprehensive cyber risk assessment that evaluates cyber risk across 9 security domains and 35 critical control areas
Underpinned by proprietary data and expert insights, explore four key risk themes that are prominent to manufacturing organizations today.
Read below to learn more
Navigate new exposures:
Rapid digital evolution
Unsurprisingly, clients in the manufacturing sector have a strong focus on environmental controls. For example, 37% of all organizations have N+1 (parallel redundancy) configuration for critical power systems, fire suppression, and Uninterruptible Power Supply (UPS).
Know your partners:
Third-party risk
Manufacturers are likely to depend upon a large number of third-parties to support their value chain. Yet more than half (57%) of organizations continue to perform ad hoc rollouts, without having formalized a consistent due diligence approach across their organization. What is most concerning, is that 17% have no third-party due diligence at all.
Concentrate on controls:
Ransomware
60% of manufacturers do not implement Two-Factor Authentication (2FA), a critical additional security layer. Without authentication and encryption, 46% of organizations struggle with endpoint logging and monitoring, causing poor visibility into Industrial Control Systems (ICS) and critical operational networks. Most surprisingly of all, manufacturers still fall below the cross-industry average for both incident response and business continuity readiness.
Perfect the basics:
Regulation
46% of manufacturers do not have a security solution that supports consistent and repeatable data classification. This also impacts their ability to layer additional data protection controls.