Use of the Internet of Things can bring value but it also creates a growing number of network entry points for cyber criminals. Not surprisingly, according to a new report from BDO USA, 92 percent of manufacturers the firm studied cite cyber security as a key concern, which is a 44 percent increase since 2013.
The 2016 Manufacturing Risk Factor Report from accounting and consulting organization BDO USA examines concerns listed in SEC disclosures from the largest 100 publicly traded U.S. manufacturers. The companies are in the fabricated metal, food processing, machinery, plastics and rubber, and transportation equipment industries.
“As the industry races toward the next frontier, manufacturers must strike a balance between progress and security,” says Rick Schreiber, partner and national leader of the Manufacturing & Distribution practice and National Association of Manufacturers (NAM) board member, in the report. “Data analytics and the Internet of Things may spur the next industrial revolution, but with that comes increased exposure to cyber risk. Manufacturers still have some catching up to do to adequately protect their data, customers, products and factory floors.”
On the one hand, manufacturing seems to have flown under the radar as high-profile attacks continue against the retail, financial services and healthcare industries. Then again, manufacturers’ information, intellectual property and products have increasingly become targets for cyber criminals. Consequently, cyber risk is moving up on manufacturers’ list of priorities.
To maintain a competitive advantage, manufacturers increasingly develop smart products and processes, which correspondingly also creates more network entry points. Tellingly, although manufacturers recognize the cyber issue, only eight percent in the MPI Internet of Things Study, sponsored by BDO, said they are very confident in their ability to prevent an IT breach.
“All it takes is one weak link in the security chain for hackers to access and corrupt a product feature, an entire supply chain or a critical piece of infrastructure,” says Shahryar Shaghaghi, National Leader, Technology Advisory Services and Head of International BDO Cybersecurity. “The stakes are too high in the manufacturing industry for complacency or inattention. Security can no longer be considered an add-on to products and processes. It must be built in from design to distribution, and monitored with a high level of priority.”
Although cyber security is a top concern for the manufacturers that were studied, they do, of course, have other, higher concerns. For example, nearly all of the manufacturers (97 percent) cite competitive pressures as a key concern this year, and 91 percent of them worry about inability to properly execute corporate strategy—including cost reduction, capacity expansion or improving efficiencies. The ability to comply with federal, state and local regulations is also a key concern, cited by 99 percent of the manufacturers. Threats to international operations and sales was also cited by 94 percent of the manufacturers as a key concern, up from 93 percent last year and 87 percent in 2013.
I was also interested to read that the manufacturers listed bridging the talent gap as a significant concern. Indeed, labor concerns were cited by nearly all (97 percent) of the manufacturers this year, and risks related to labor strikes are cited by 66 percent. Furthermore, considering the strategic and technological changes impacting the supply chain, identifying the right leadership team has become critical. For the second year running, nearly three quarters (74 percent) of the manufacturers cited attracting and retaining key personnel as a key concern.
What are your thoughts on current, key business concerns? Is cyber security now a significant concern? Do you think attracting and retaining personnel is now a key concern as well?