According to www.thescxchange.com, manufacturers have become prime targets for cyber attacks and extortion, with ransomware accounting for more than 90% of the losses covered by Resilience’s cyber insurance business for manufacturers — despite representing only 12% of claims volume. Phishing and funds transfer fraud were the most common claim type, making up 30% of manufacturer claims.
Rising Sophistication and Operational Impact
The source states that threat actors are increasingly favoring complex tactics, executing long-term campaigns, and prioritizing high-value targets. Because manufacturers operate with low tolerance for downtime, successful attacks can be devastating for business continuity — creating widespread damage across production, logistics, and supplier networks.
Six Actionable Recommendations from Resilience
- Audit and validate multifactor authentication (MFA) deployment to prevent MFA misconfigurations.
- Strengthen vulnerability management for external-facing systems: maintain an inventory of all internet-exposed assets, continuously scan for high-risk flaws, and verify implementation of patches or configuration fixes.
- Implement procedural controls for financial transfers — e.g., dual authorization or confirming requests via a different communication channel than the initial request.
- Invest in ransomware containment capabilities, including IT/operational technology network segmentation, endpoint detection and response, and tested backup and recovery procedures.
- Extend security requirements to vendors and supply chain partners by embedding baseline expectations for access control, patching, and incident reporting into contracts — and periodically verifying compliance among high-risk suppliers.
- Translate cybersecurity risk into financial language to educate CFOs and boards and secure investment support.
Expert Perspective
“Manufacturers don’t need to reinvent the wheel in the face of a growing threat,” said Jud Dressler, head of the Risk Operations Center (ROC) at Resilience.
For global supply chain professionals, these findings underscore that cyber risk is no longer an IT-only concern — it directly impacts procurement lead times, production scheduling, logistics coordination, and supplier performance monitoring. With third-party risk embedded across tiers, the recommendation to extend security requirements contractually — and verify them — is especially relevant for professionals managing multi-tier supplier ecosystems. The disproportionate financial impact of ransomware versus its frequency also signals that resilience planning must prioritize rapid containment and recovery over prevention alone.
Source: www.thescxchange.com
Compiled from international media by the SCI.AI editorial team.
