Thursday, 16 September 2021 09:42

Varonis 2021 Manufacturing Data Risk Report: Nearly one out of every five files are open to all employees

By Varonis

GUEST RESEARCH: Threats against the manufacturing sector continue to persist—from ransomware groups that steal victims’ data before encrypting it, to nation-state attackers seeking technology secrets, to company insiders looking for information to grab and sell to the highest bidder. Crippling ransomware attacks can even halt assembly lines and disrupt supply chains.

To understand the extent to which the manufacturing sector is protecting its sensitive information from these evolving threats, software company Varonis developed the 2021 Manufacturing Data Risk Report.

It examines the state of data security—on-premises, cloud, and hybrid environments—for industrial manufacturers and engineering firms by analysing a random sample of data risk assessments in 50 companies—and a total of 4 billion files—to determine how data is exposed and at risk.

This report aims to help manufacturing organisations assess the current cybersecurity landscape objectively and provide advice that companies can leverage to decrease their attack surface.

Manufacturing was the fifth most targeted industry in 2020, with the average data breach costing $4.99 million. The average breach in the manufacturing sector takes 220 days to contain—one of the longest threat lifecycles out of any industry. Overexposed information—especially sensitive data—exponentially increases risk.

This exposure is your blast radius—the damage an attacker can do once inside your environment.

If just one employee clicks on a phishing email, an attacker can potentially access every file an employee can touch.

The report’s key findings include:

  • Every employee can access, on average, six million files on their first day on the job.
  • Four in 10 organisations have 1,000+ sensitive files open to every employee.
  • 44% of companies have more than 1,000 active “ghost user” accounts enabled.
  • More than half of companies have 500+ accounts with passwords that never expire.

Larger companies are twice as exposed
On average, every employee has access to over six million files — nearly one out of every five files — on their first day on the job. For large companies, that number doubles. At firms with more than 1,500 workers, employees can access over 12 million files.

One out of every ten files open to everyone in the company is sensitive. These files may include intellectual property, employee data, manufacturing and supply chain information, product development documentation, and marketing plans.

Protecting manufacturing data
Global access groups (e.g., everyone, domain users, authenticated users) are helpful for internal collaboration, but they also make it much easier for cybercriminals to infiltrate your environment.

The study points out that if a bad actor compromises one end user, they can gain a foothold that enables them to copy, share, delete, and change unprotected sensitive information.

44% of manufacturing companies average 1,000+ files open to every employee — and more than one in five have 10,000 files open to every employee.

Companies with overexposed sensitive data can limit open access by enforcing a least privilege model to reduce risk.

Manufacturing companies store above-average amounts of stale sensitive data, which may expose flaws and inflate storage costs unnecessarily. On average, 78% of an organisation’s sensitive files are stale and could be deleted or archived.

Vulnerabilities in Active Directory
Inactive user and service accounts that remain enabled long after employees leave (ghost users) provide attackers with plenty of time to brute-force their way into your environment and, once inside, move through your data stores.

From there, they can quietly steal data and avoid detection before encrypting it. Inactive, but enabled, privileged admin accounts with passwords that never expire are one of the best gifts you can give cybercriminals. These often overlooked vulnerabilities are difficult to detect and root out without proper visibility into your environment.

The study found that 56% of companies have over 500 accounts with passwords that never expire and 44% of companies have more than 1,000 active “ghost user” accounts enabled.

“Manufacturers hold sensitive, and incredibly valuable data that put them at risk. And as we saw with WannaCry and DarkSide. All too often, information is overexposed and under protected. To limit the damage attackers can do, you must reduce your blast radius,” suggests Varonis technical director Matt Lock.

“Companies need to ask themselves three questions to better prepare for an attack: Do you know where your important data is stored? Do you know that only the right people have access to it? Do you know that they’re using data correctly? If you don’t know the answers to these three questions, you won’t be able to identify the early stages of a cyberattack,” Lock explains.

The report concludes:
1. The manufacturing industry’s cybersecurity maturity lags behind other industries such as finance, with nearly half of all companies still underprepared for a disruptive attack.

2. Manufacturers’ cybersecurity preparedness is more likely to vary when compared to regulated sectors like healthcare and finance. While some companies have mature data security policies and incident response procedures, others have taken few mitigative steps.

3. Manufacturing companies can position themselves for success by deploying solutions to their full potential, removing data security blind spots by adding visibility, and reducing access to data on a least-privilege basis using automation. Reducing your blast radius will help minimise the damage attackers can do when—not if—they land on your network.
