What strategy should be adopted to strengthen the company's cybersecurity?

June 17, 2024

94% of French companies have suffered at least one cyberattack in the past year. This figure, revealed by Bpifrance, reflects the vulnerability of the digital ecosystem of businesses. As the digital environment grows in volume, attack surfaces increase and expose enterprise data. Where do these attacks come from and how can you prevent them?

 

Some figures on cybersecurity in the industry

Companies in the industrial sector surveyed on cybersecurity issues generally appear to be more exposed and more vigilant than average.

Industry: 2nd largest employer of cybersecurity experts

The study of cybersecurity profiles established by the Ministry of Labor reveals that security architects are overwhelmingly employed in the industrial/technical sector. Job offers from this sector represent 20% of those issued on the market, just behind the cybersecurity needs of the IT and telecommunications sectors, which total 22% of the offers.

VSEs/SMEs in the industrial sector poorly supported…

An IFOP survey carried out in 2021 among VSEs/SMEs notes a significant proportion of companies in the agricultural and industrial sectors among those which declare themselves to be insufficiently supported in the fight against cyberattacks. The lack of support declared by these business leaders is 9 points above average.

…and more affected by cyberattacks

Companies in the agricultural and industrial sectors are also among the most exposed to cyber threats. The share of those declaring having already suffered a cyberattack in this sector is 7 points higher than the average for all sectors combined.

The IFOP study also notes greater difficulties among small businesses, and even more so among those positioned in the least bureaucratized sectors, such as construction and industry.

 

Where do cyberattacks come from?

Cyberattacks can come from very different profiles who have neither the same motivations nor the same objectives.

Cybercrime

Cybercrime motivated by greed is the form best known to the general public. It affects the digital environments of businesses, but also of individuals, public services, etc.

Competition

A cyberattack can also be a way to bring down a competitor, or to steal key information about how the company operates.

Malice

The possibility of pure and simple malice should not be ruled out. In industry, it could be the result of poor management of human resources (flaw in recruitment policy, revenge and retaliation following a company decision, etc.).

The challenge

A cyberattack can also be a challenge launched by an individual or a group of hackers. Here, the preferred targets are large structures deemed infallible.

Cyberactivism

Attacking cyber defense systems can also be a way to send messages, to demonstrate disagreement with the company's activities or positions.

 

How to strengthen company cybersecurity?

Each company can be supported by a cybersecurity expert in order to deploy a targeted protection plan depending on the nature and extent of the threat. Here are some examples of crime trends and cybersecurity strategy.

Monitoring unknown vulnerabilities

Unknown vulnerabilities, also called Zero Day or 0-Day, are flaws exploited by cybercriminals after a long period of research and observation. To anticipate these flaws, you must be proactive and look for weak points in the company's cyber defenses before attackers discover them.

This type of sophisticated approach requires constant monitoring, through a continuous and automated validation process, and immediate responsiveness in the event of an attack. In other words, it is imperative to appoint a leading cybersecurity expert to protect against it and react effectively.

Internal and external attack surfaces

The term “attack surface” is part of cybersecurity jargon. Digital attack surfaces are all access points to the company's information system.

The internal attack surface refers to all doors that can be opened from the inside. If the entry points are accessible remotely, this is called an external attack surface.

To strengthen the company's cyber defense, you must start by listing all the elements of the attack surfaces. Each can then be reduced in order to better control the risk.
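The listing step described above can be sketched as follows. This is an added example, not code from the original article; the inventory, the internal address ranges and the approved-service list are constructed assumptions, and "external" is taken to mean "reachable from any source outside the company's own ranges".

```python
import ipaddress

# Assumption: address ranges the company treats as "inside".
INTERNAL_NETS = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.0.0/16")]
# Assumption: services the business deliberately publishes remotely.
APPROVED_EXTERNAL = {"https", "vpn"}

# Constructed inventory: (asset, service, port, source range allowed to connect).
INVENTORY = [
    ("web-01", "https", 443, "0.0.0.0/0"),
    ("vpn-gw", "vpn", 1194, "0.0.0.0/0"),
    ("hmi-07", "rdp", 3389, "0.0.0.0/0"),
    ("plc-gw", "modbus", 502, "198.51.100.0/24"),
    ("erp-db", "postgres", 5432, "10.20.0.0/16"),
    ("fileserver", "smb", 445, "192.168.1.0/24"),
]

def surface(allowed_from):
    """Return 'internal' if every permitted source is inside, else 'external'."""
    src = ipaddress.ip_network(allowed_from)
    inside = any(src.subnet_of(net) for net in INTERNAL_NETS)
    return "internal" if inside else "external"

def build_inventory(entries):
    """Group entry points by the surface they belong to."""
    grouped = {"internal": [], "external": []}
    for asset, service, port, allowed_from in entries:
        grouped[surface(allowed_from)].append((asset, service, port))
    return grouped

def reduction_candidates(entries):
    """External entry points that are not on the approved list."""
    return [(asset, service, port)
            for asset, service, port, allowed_from in entries
            if surface(allowed_from) == "external"
            and service not in APPROVED_EXTERNAL]

if __name__ == "__main__":
    for name, items in build_inventory(INVENTORY).items():
        print(name, items)
    print("reduce first:", reduction_candidates(INVENTORY))
```
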

Cyber risk indicators

There are several cyber risk level indicators that may be more or less relevant depending on the company.

For example, the number of cyberattacks and their frequency stand out, but this data is not necessarily representative of the extent of the threat. Intrusion attempts are preferable, as they offer a more accurate view of the situation and the level of risk.

Furthermore, communicating on the right indicator makes it possible to maintain an appropriate level of vigilance. If the cybersecurity center only shares data on successful attacks, and not on attempts, then the vision of managers is biased, which does not allow an informed decision to be made (budget and staff allocated to cybersecurity).

The reaction time to a cyberattack is another indicator to observe to adapt your cybersecurity strategy. It is also possible to see what other industry players with similar structures are doing to protect their information systems.

Finally, large groups also see their cybersecurity exposed by the flaws of subcontractors and suppliers. All these aspects must be explored to have an overview and make the right decisions at the right time.
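The indicators discussed above (attempts versus successful attacks, and reaction time) can be computed from the security center's event records. This is an added example, not code from the original article; the records and the outcome labels `blocked` and `breach` are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed SOC records: (detected, first response, outcome).
# Assumption: "blocked" = intrusion attempt stopped, "breach" = successful attack.
EVENTS = [
    ("2024-04-03T09:00", "2024-04-03T09:12", "blocked"),
    ("2024-04-11T14:30", "2024-04-11T14:35", "blocked"),
    ("2024-04-25T22:10", "2024-04-25T23:40", "blocked"),
    ("2024-05-06T08:00", "2024-05-06T08:20", "blocked"),
    ("2024-05-19T03:15", "2024-05-19T07:15", "breach"),
    ("2024-05-28T16:45", "2024-05-28T16:55", "blocked"),
]

def monthly_counts(events):
    """Attempts and successful attacks per month (YYYY-MM)."""
    months = defaultdict(lambda: {"attempts": 0, "successful": 0})
    for detected, _, outcome in events:
        bucket = months[detected[:7]]
        bucket["attempts"] += 1
        if outcome == "breach":
            bucket["successful"] += 1
    return dict(months)

def reaction_minutes(events):
    """Minutes between detection and first response for each event."""
    return [
        (datetime.fromisoformat(resp) - datetime.fromisoformat(det)).total_seconds() / 60
        for det, resp, _ in events
    ]

def report(events):
    """Indicators to share with management; handles an empty period."""
    if not events:
        return {"attempts": 0, "successful": 0,
                "median_reaction_min": None, "slowest_reaction_min": None}
    delays = reaction_minutes(events)
    return {
        "attempts": len(events),
        "successful": sum(1 for *_, outcome in events if outcome == "breach"),
        "median_reaction_min": median(delays),
        "slowest_reaction_min": max(delays),
    }

if __name__ == "__main__":
    print(monthly_counts(EVENTS))
    print(report(EVENTS))
```

In this constructed data, April shows zero successful attacks but the same number of attempts as May, which is the bias a successes-only report would hide.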

 

 
