Business Wire

SecurityScorecard Research Finds 48% of Global Critical Manufacturing At Significant Risk of Breach

Share

SecurityScorecard, the global leader in cybersecurity ratings, today announced the results of its new report, Addressing the Trust Deficit In Critical Infrastructure, which revealed 48% of critical manufacturing organizations ranked “C,” “D,” or “F” on SecurityScorecard’s security ratings platform. Published during the World Economic Forum (WEF) Annual Meeting, the report analyzed the current state of cyber resilience in the critical infrastructure sectors such as Energy, Chemical, Healthcare, and others, as designated by the Cybersecurity and Infrastructure Security Agency (CISA). Organizations with an “A” security rating are 7.7 times less likely to sustain a breach than those with an “F” rating.

“Security ratings are a trusted barometer of cyber resilience and the time is now for policymakers and organizations to make cyber risk measurement mandatory,” said Aleksandr Yampolskiy, co-founder and CEO of SecurityScorecard. “Cyberattacks in the last 10 years have gotten much worse, more complex, and increasingly have targeted critical infrastructure, thereby undermining the public’s trust in the cyber resilience of our global economy.”

SecurityScorecard provides comprehensive security ratings, automated assessments, and guidance from industry experts, providing a patented and easy-to-understand A-F graded scorecards for improved communication, effective compliance reporting, and more informed decision-making.

According to the World Economic Forum, only 19% of cyber leaders feel confident that their organizations are cyber resilient. SecurityScorecard recently joined the World Economic Forum Global Innovators Community, contributing to WEF’s Centre for Cybersecurity’s initiative to address systemic challenges, improve trust, and build cyber resilience. Yampolskiy is attending the WEF Annual Meeting in Davos to engage with the world’s foremost public- and private-sector leaders on mitigating global cyber risk, including within critical infrastructure.

Critical Manufacturing Patching Cadence Falls Amid Escalating Attack Cadence

Cyber incidents affecting critical infrastructure, once comparatively rare, have become far more frequent in recent years as nation-states and their proxies escalate their pursuit of geopolitical objectives. Data from the Federal Bureau of Investigation showed that 14 of the 16 sectors considered critical infrastructure by the U.S. government experienced at least one ransomware attack in 2021.

SecurityScorecard assessed these industries to measure their current state of cyber resilience. It found that critical manufacturing is highly vulnerable based on analysis of all organizations under that category in The Forbes Global 2000 list. SecurityScorecard considers 10 factors when developing an organization’s security rating. Of those 10, the patching cadence ‘factor’ for critical manufacturing experienced a significant drop from 2021 to 2022, moving from 88 (B) to 76 (C).

High and Medium-Severity CVEs Strain Resources

The decline in patching is likely due to an increased volume of vulnerabilities. Critical manufacturing experienced a 38% year-over-year increase in high severity vulnerabilities. In 2022 alone, 76% of critical manufacturing organizations have high and medium-severity CVEs.

These CVEs may, in some cases, facilitate ransomware groups’ targeting of organizations in the sector. Manufacturers experienced an increase in malware infections from 2021 to 2022. In 2022, 37% of critical manufacturing organizations had malware infections.

“While investing in more technology might seem burdensome to resource-constrained critical infrastructure operators, the reality is that cybersecurity ratings technology is extremely cost-effective, especially when you consider the catastrophic cost of a breach is $9.44 million on average for U.S. organizations,” continued Yampolskiy. “By leveraging security ratings, these organizations have a simple way to build resilience and make more informed decisions to strengthen their cyber defenses by confidently measuring risk and quantifying the trustworthiness of their partners, contractors, third-and fourth-party vendors, and supply chains.”

To view the full research paper, please visit: https://resources.securityscorecard.com/davos-2023/addressing-the-trust-deficit

About SecurityScorecard

Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity ratings company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risk to their boards, employees and vendors. Every organization has the universal right to their trusted and transparent Instant SecurityScorecard rating. For more information, visit securityscorecard.com or connect with us on LinkedIn.

To view this piece of content from cts.businesswire.com, please give your consent at the top of this page.

Contact information

Derek Delano
SecurityScorecard
ddelano@securityscorecard.io
(646) 457-4513

About Business Wire

For more than 50 years, Business Wire has been the global leader in press release distribution and regulatory disclosure.

Subscribe to releases from Business Wire

Subscribe to all the latest releases from Business Wire by registering your e-mail address below. You can unsubscribe at any time.

Latest releases from Business Wire

Esri Releases New App to Easily View and Analyze Global Land-Cover Changes8.2.2023 16:00:00 EET | Press release

Land Use/Land Cover (LULC) maps are an increasingly important tool for decision-makers at local, regional, and national government levels around the world. These maps help inform policy and land management decisions around issues like sustainability, by contextualizing and quantifying the impacts of earth processes and human activity on the environment. Esri, the global leader in mapping and location intelligence, has now released a new online application, Sentinel-2 Land Cover Explorer. The app is structured around a web-based version of its own high-resolution global land-cover map, derived from European Space Agency (ESA) Sentinel-2 satellite imagery. The app is easy to access and leverages the same geographic information system (GIS) technology behind the land-cover map. The app, map, and source Sentinel-2 imagery are all part of the company's ArcGIS Living Atlas of the World. "GIS not only provides the capabilities necessary to produce and share data and maps such as LULC, it also

ThetaRay and Piie Collaborate in AI Technology for Insurance Payments8.2.2023 16:00:00 EET | Press release

ThetaRay, a leading provider of AI-powered transaction monitoring technology, and Piie, Inc., an insurtech providing an intelligent payment engine, today announced a collaboration to implement an advanced AML solution for insurance claim payments. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230208005157/en/ Piie (Payments Intelligent Integration Engine) payments-as-a-service platform, including mobile application support. (Photo: Business Wire) Through the agreement, Piie (Payments Intelligent Integration Engine) will integrate ThetaRay’s AI-driven SONAR transaction monitoring AML solution to monitor and detect anomalies pointing to suspected financial crime on its payments-as-a-service platform that includes mobile application support. A scalable, secure payments platform headquartered in Charlotte, NC, Piie serves the insurance industry with an AI-driven real-time payments solution. Using ThetaRay’s transaction monitori

Novaliq Plans to File a Markting Authorisation Application for CyclASol® in the E.U. for the Treatment of Dry Eye Disease in July 20238.2.2023 16:00:00 EET | Press release

Novaliq, a biopharmaceutical company focusing on first- and best-in-class ocular therapeutics based on the unique EyeSol® water-free technology, today announced its plans for filing a Marketing Authorisation Application (MAA) for CyclASol® (ciclosporin ophthalmic solution), a first-of-its-kind anti-inflammatory product for the treatment of dry eye disease (DED) in the European Union. The Committee for Medicinal Products for Human Use (CHMP) of the European Medicines Agency (EMA) determined that CyclASol® is eligible to be reviewed in a centralized procedure to receive a Union Marketing Authorisation for the European Economic Area (EEA). In December 2022, EMA stated in its response that, based on the documentation provided by Novaliq, a submission is in the interest of patients at Community level under Article 3(2)b - Interest of patients of Regulation (EC) No 726/2004. Consequently, Novaliq has submitted a letter of intent to EMA to file the MAA in July 2023. Dry eye is one of the most

The IKEA Foundation Commits €10 Million to Provide Emergency Assistance in Türkiye and Northern Syria8.2.2023 15:50:00 EET | Press release

The donation will go to Médecins Sans Frontières’ (MSF) emergency fund to provide life saving care where medical needs are the greatest. This will support the delivery of essential aid, including medical assistance, psychological support and healthcare services to those most impacted by the devastating earthquake. This press release features multimedia. View the full release here: https://www.businesswire.com/news/home/20230208005519/en/ Image credit: Médecins Sans Frontières, Photographer: Omar Haj Kadour (Photo: Business Wire) The IKEA Foundation is also speaking with other partners who are operating in the region. These partners are coordinating with Turkish authorities to understand further needs and opportunities to provide additional assistance. This includes discussions with Better Shelter, looking at ways to provide modular temporary housing units in Türkiye and Syria. Per Heggenes, CEO of the IKEA Foundation, said: “We are deeply saddened by the devastation and loss of life

New Peer Reviewed Research Reinforces the Carbon Neutrality of Sustainably Sourced Biomass in the U.S. Southeast8.2.2023 15:00:00 EET | Press release

Enviva Inc. (NYSE: EVA), the world’s leading producer of sustainably sourced woody biomass, along with the U.S. Industrial Pellet Association (USIPA), welcome a recent study, titled “Impacts of the US southeast wood pellet industry on local forest carbon stocks.” The study has been peer-reviewed and published in a leading scientific journal, Nature, confirming that the wood pellet industry has met the overall condition of forest carbon neutrality in the U.S. Southeast between 2000 and 2019. According to the International Energy Agency (IEA), if harvest volumes (for wood products and energy) and losses related to mortality and disturbances do not exceed the growth across the whole forest, there is no net reduction in forest carbon stock. The 2022 study in Nature additionally confirms, by data, that carbon neutrality guidelines have been met by biomass producers in the U.S. Southeast, which is the world’s leading region for wood pellet production and export. Between 2000 and 2019, data a

In our pressroom you can read all our latest releases, find our press contacts, images, documents and other relevant information about us.

Visit our pressroom