How to Prevent Manufacturing Breaches: DBIR 2020

Harman Bhogal
By Harman Bhogal

May 25, 2020

New Insights from Verizon’s 2020 Data Breach Investigation Report 

Manufacturing is the most at-risk vertical for large-scale breaches, suggesting huge implications for how they must defend themselves in the coming year.

This is just one of the critical insights highlighted by Verizon’s just-released 2020 Data Breach Investigation Report.

In their report, Verizon compiles recent breach data from over 80 different contributing organizations. At Paladion, we are proud to be one of those contributing organizations yet again. Further, we have found that Verizon’s analysis of the current breach landscape aligns with our own— in particular, when it comes to manufacturing.

Read on, and learn about what has changed in the manufacturing breach landscape over the last year, what specific threats are currently targeting manufacturing organizations, and what you can do to defend yourself over the coming year, and prevent your organization from becoming another data point in Verizon’s survey.

Manufacturing: Highly-Vulnerable to Large-Scale Breaches 

In the past year, the manufacturing industry saw 922 incidents, with 382 of these incidents being confirmed data breaches.

This is a troubling ratio.

The top three most attacked verticals—professional, public, and information—only saw 4-7% of their incidents turn into breaches. Manufacturing saw 41% of their incidents turn into breaches.

These data suggest that manufacturing organizations have relatively low maturity cybersecurity capabilities. To make matters worse, additional data suggest that successful breaches appear to impact manufacturing organizations much worse than organizations in any other commonly-attached vertical.

New call-to-action

The Threat Landscape for Manufacturing Organizations

Verizon’s data indicate that manufacturing organizations must protect themselves from a wide range of threats. These include, in order of likelihood:

  • Crimeware: Including password dumpers, downloaders, and hacks to capture application data.

  • Web Applications: Including the use of stolen credentials to compromise web apps used by the organizations.

  • Privilege Misuses: Including intentional insider threat activity, and mishandling of sensitive data.

  • Miscellaneous Errors: Including misdelivery of sensitive data and misconfiguration of applications and platforms.

Why Manufacturing is Such a Targeted Vertical

Most incidents and breaches were caused by external actors and not internal actors (75% and 25%, respectively), and it is clear what they were after— 73% of these threats had financial motivations, while 27% were espionage-related.

The espionage angle is worth exploring further. The report’s analysis found that many attacks against manufacturing organizations were motivated by competition— either the attacking organization was attempting to steal IP from the victim, or they were trying to materially harm one of their competitors. This set of motivations extends well beyond simple corporate-on-corporate crime and extends to the political arena as well. While organized crime syndicates were behind the highest percentage of attacks on manufacturing organizations, nation-states were behind 38% of these attacks.

Given the different malicious actors that manufacturing organizations face, the range of attack vectors they face, and their vulnerability to large-scale breaches, it is clear that manufacturing organizations require a comprehensive approach to their defense.

How Manufacturing Organizations Can Protect Themselves

Verizon’s report offers a few suggestions that manufacturing organizations can follow to improve their defenses, namely— they can implement security awareness and training programs, better protect their boundaries, and implement data protection.

While we agree with these suggestions, we would go further in our recommendation.

  • Security awareness and training programs can help with misuse-related errors but do little to protect the expanding network of IoT devices utilized in manufacturing operations.

  • The wide network of devices in manufacturing environments has created a porous boundary that will be difficult to protect with traditional monitoring systems. Such networks need managed detection and response (MDR) that is uniquely tuned to detect threats that manufacturing companies face.
  • Once a breach occurs, it is critical that manufacturing organizations have the means to prevent that breach from spreading, so that the majority of their incidents do not spin out of control and create large-scale events.


Paladion’s Managed Detection and Response for manufacturing organizations scales to encompass their growing digital footprint, and rapidly detects, contains, and remediates threats. If you are interested in learning how to bring these defenses to your manufacturing organization, reach out to Paladion today.

New call-to-action