Home Technology The worst industries for cyber security risk in 2022 revealed

The worst industries for cyber security risk in 2022 revealed

by uma
Our website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.


Download supporting images

New research carried out by cyber crime experts, FoxTech, has revealed that the five UK industries with the weakest cyber security – and therefore most at risk of a cyber security breach – are mechanical and industrial engineering (with a CyberRisk score of 59.1), environmental services (57.8), furniture manufacturing and installation (56.8), logistics and supply chain (56.5), and construction (56.2).

The research is based on analysis of 9500 companies in the UK, and used a CyberRisk score, a diagnostic tool which calculates risk using publicly available information and an analysis of a wide range of cyber security indicators. Companies with scores of 25 or less are considered to be at a low risk of attack, while scores of over 50 demonstrate a high risk. FoxTech’s report found that other industries with scores over 50 included higher education (56.0), accounting (55.2) and hospitals and healthcare (53.4). Scores higher than 75 indicate an extreme risk of attack.

Anthony Green, CTO and cyber crime expert at FoxTech, explains more:

“We audited thousands of UK companies across a wide range of sectors and found that while industries such as financial services, aviation and government administration had a lower risk of falling victim to a cyber crime, many other industries were not doing enough to protect their systems from attack. It is encouraging that no sector averaged at an extreme risk of attack, with a score more than 75. This is reflective of many businesses’ increased investment in cyber security in the past year. However, a score of over 50 still demonstrates a high vulnerability to cyber crime, so it is concerning that many of the UK’s key industries fell into this bracket.”

What common security issues did FoxTech’s report identify?

Anthony explains:

“It’s not that organisations don’t care about having good cyber security, but that they are unaware that their IT infrastructure contains weaknesses that make them a potential easy target for hackers.

“Companies often don’t realise that their anti-virus or endpoint protection software is incorrectly configured, or simply not robust enough to stave off an attack. Another common misconception is the belief that you are safe from attack if you use cloud-based services, rather than an internal server. This is not the case – in fact, 46.3% of the companies we surveyed were using a public cloud provider, but many were still at a high risk of attack. Inadvertently leaving assets exposed to the internet is another big issue. Some businesses we surveyed had databases visible to the internet, and over 40 companies had a camera accessible from the internet!

“Sometimes, an organisation can be exposed by something as simple as poorly managed user accounts or using out-of-date software and obsolete or end-of-life technology – as was the case with 4.7% of businesses we surveyed. Email filtering is also a vital aspect of any good cyber security strategy. Only 55.4% of companies we surveyed has email filtering in place, and just 13.7% had DMARC correctly configured to prevent email spoofing attacks.”

Anthony highlights that hacking is a gradual process, and not something that happens overnight. On average, hackers will spend 207 days between breaching a company’s IT security and exploiting it.

“The fact that hackers are going undetected for so long shows that businesses usually have plenty of time to detect intruders and prevent a cyber attack from occurring – if they know where to look.”

The answer? Anthony says:

“The best thing to do for any company is to arrange a cybersecurity audit of their IT systems, processes and procedures. This won’t necessarily be through their IT provider, but via an independent cyber security company that is set up to focus fully on cyber security and can protect businesses and their customers on a much higher level. A good audit will involve vulnerability scanning – also known as ethical hacking, where a cyber security expert tries to enter your system, just as a malicious hacker would, but with the intention of helping you find and fix your security weaknesses before they are exploited by a cyber criminal.

Companies interested in finding out their own CyberRisk score to get an immediate indicator of how high or low their security risk is can order this for free from FoxTech’s website: CyberRisk | Third Party Risk Management | Foxtech (foxtrot-technologies.com)



You may also like