Two-thirds of Australian manufacturers believe their environment is too difficult to defend.
87% admit manufacturing functions are running on outdated and unsupported legacy operating systems.
The BlackBerry Manufacturing Cybersecurity Study has been released with a warning that outdated and unsupported legacy operating technologies (OT) are exposing substantial vulnerabilities for Australian manufacturers facing escalating threats from nation state attacks. As the Australian Government states its long-term commitment to building a strong and advanced manufacturing nation, this survey underlines the critical importance of ensuring cyber-resilience throughout the manufacturing supply chain.
The survey of 191 manufacturing IT decision makers across Australia revealed that while many (38%) anticipate an elevated risk of cyberattack in 2023, three-quarters of respondents (79%) fear nation state attacks on the sector and 59% are concerned about foreign governments spying on their facilities. At the same time, 71% say OT infrastructure is difficult to defend, and 87% admit to running core functions on outdated and unsupported legacy operating systems.
Jonathan Jackson, Director of Engineering, Asia Pacific and Japan at BlackBerry, says: “Australian manufacturers are headed for stormy waters as nation states up the ante on surveillance and the risk of cyber incident is high – and rising – yet the industry is hampered by a threat surface that is largely antiquated and difficult to defend.”
“Cybersecurity has become a significant barrier to progress, and managers shackled by ageing hardware and outdated operating systems are challenged to unify security across old and new to forge ahead with modernisation. With aged and isolated equipment, the truth is that it is difficult to put protection into these environments – but not impossible. With a lightweight footprint and OS agnostic solution, protection can be extended to every endpoint to close the gaping vulnerabilities across manufacturing infrastructure,” Jackson continues.
The news comes as the Five Eyes alliance, including the Australian Cyber Security Centre (ACSC), issued new guidelines urging software manufacturers to take greater accountability for security of their products. The goal is to shift the current security burden away from customers and prioritise the development of built-in cybersecurity features to ensure ‘security by design and by default’.
BlackBerry’s research revealed that manufacturing IT decision makers in Australia are predominantly concerned with malicious malware attacks (62%), followed by phishing attacks (54%) and unauthorized access by non-malicious insiders (47%), which is consistent with the rest of the world (USA, Canada, UK, Germany, Japan). This may reflect that manufacturers are more concerned with nation state threats that seek to create disruption and unplanned downtime, rather than extort ransom payments.
The research also showed that 75% of manufacturing IT decision makers in Australia believe the cost of a cyber breach to be $373,525 AUD or less. More than half (57%) of Australian respondents estimate that business downtime would account for just one-tenth of that cost, while 64% point to cyber incidents resulting in a loss of customers or impacting supplier relationships (59%). With unplanned downtime costs soaring due to global inflation and production lines running at higher capacity, this contrasts with a recent report[1] estimating the true average cost of a data breach in the industrial sector to be more than 16x higher at USD $4.24M (approximately $6.42M AUD).
The Tolly Group, a world-renowned independent testing lab, recently released comparative test findings verifying that BlackBerry’s Artificial Intelligence (AI) based endpoint protection platform (EPP), outperforms the competition. For more information, download the full Tolly report here.
For more information on BlackBerry’s solutions for securing OT environments, please visit BlackBerry.com.