Which industries are most at risk of a security breach?

Published on 11 May 2018

It wasn’t too long ago that banks were the main targets for criminals. After all, these institutions were the ones responsible for handling much of the world’s money. But today, the threat landscape has changed. Masked robbers have made way for anonymous cyber criminals, and financial institutions are just one of the many sectors that are vulnerable to a breach.

A large part of this is due to the growing value of data. When sensitive data concerning customers, intellectual property or trade falls into competitors’ hands, it has the potential to cause serious (and sometimes permanent) damage.

While no industry is immune to a data breach, those who hold onto large volumes of sensitive data are most at risk. Here’s a quick look at those who should especially be on guard.


Recent figures from Ponemon Institute’s 2017 Cost of Data Breach Study puts healthcare at the top of the list when it comes to industries with the highest data breach costs per capita. Whereas the global average per capita cost of a data breach is $141, this figure rises to $380 for healthcare firms. While according to the Information Commissioner’s Office, the health sector accounts for 43% of all data breach-related incidents.

Perhaps healthcare’s vulnerabilities can be linked to the sector’s slow uptake in IT security. Long-term spending cuts mean there hasn’t always been room for IT investment, and as such, many organizations have been left relying on legacy hardware with unpatched vulnerabilities (as seen in the WannaCry attack on the NHS).

Another reason may be the wealth of personal information the sector holds onto. In recent years, patient records have been selling for a premium on the black market.


According to the latest Kroll Annual Global Fraud & Risk Report, 88% of manufacturing CEOs reported that their company fell victim to at least one instance of fraud over the last 12 months. This figure is 4% higher than the global average across all industries (84%).

And it’s little wonder. Within manufacturing, the likes of automotive, pharma, chemical and defense organizations hold onto masses of critical data. Most of this comes in the form of R&D information, trade secrets and intellectual property patents. This is valuable information for anyone wanting to engage in corporate espionage, where motivation can be anything from wanting to elicit a competitive advantage to invoking mass damage in revenge.

According to Kroll, information theft, loss or attack were the most prevalent types of fraud experienced within manufacturing (as cited by a third of respondents). This was closely followed by corruption and bribery.

Transport and logistics

Around the world, many transport networks are using connected technologies to streamline their processes. However, while internet-based tracking, navigation and communication tools are creating efficiencies, they’re also creating more entry points for hackers wishing to cause chaos.

Examples include the NotPetya malware attack on Maersk in 2017, which cost the shipping giant up to $300 million. Operations in four different countries were affected, and this caused delays and disruption that lasted weeks. While in 2016, FedEx’s Dutch TNT Express unit was exposed to a wiper virus which slashed $300 million from its quarterly profit.

But it’s not always external hackers that are to blame. Internal oversight can also be damaging. Earlier this year, FedEx exposed private information belonging to thousands of its customers via an unsecured server.

Financial services

Of course, banks remain a hacker favorite. But given the sector’s long history of cyber-attacks, many have invested heavily in security in recent years. Yet despite their efforts, breaches do still occur. Recent notable cases include the attack on Tesco Bank, where hackers stole £2.5 million from customer accounts. Or the hack by MoneyTaker, a group of Russian hackers who stole $10 million from American and Russian ATMs over a period of 18 months.

However, it’s not always outsiders who banks need to be wary of. One of the biggest threats facing financial services is the one that comes from careless or compromised users. According to the IBM X-Force Threat Intelligence Index 2017, financial services companies suffered more breaches than any other industry, with more than half of these breaches coming from insiders.

These insiders, which may include employees, contractors or third-party suppliers, have access to sensitive data. When this access is abused, precious banking data is exposed, and this can lead to a whole host of problems. Adding to the situation is the continued move towards multi-channel banking. While this is improving the customer experience, it’s also opening up the attack vector businesses are faced with.

Remember: regardless of business size, sector or industry, breaches are a matter of when, not if, they’re going to happen. To minimize the damage, it’s crucial that businesses understand the cyber threat landscape and prepare themselves with the right tools and a holistic strategy. By defining and implementing policies, processes and solutions around privileged access, data breaches can be managed efficiently and effectively – and not cripple a business. Bringing threat analytics, alongside privileged accounts, credentials and passwords under one centralized management system can be a good start for a wider, more robust security plan.


Read more in our latest report: The Known Unknowns of Cyber Security.

by Balabit

Balabit, a One Identity business, is a leading provider of Privileged Access Management (PAM) and Log Management solutions. Founded in 2000, Balabit has a proven track record of helping businesses reduce the risk of data breaches associated with privileged accounts.

share this article
Mitigate against privileged account risks
Get in touch

Recent Resources

The top IT Security trends to watch out for in 2018

With 2017 now done and dusted, it’s time to think ...

The key takeaways from 2017’s biggest breaches

Like many years before it, 2017 has seen a large ...

Why is IT Security winning battles, but losing the war…?

When a child goes near something hot, a parent will ...

“The [Balabit] solution’s strongest points are the privileged session management, recording and search, and applying policy filters to apps and commands typed by administrators on monitored sessions.”

– The Forrester Wave, Privileged Identity Management, Q3 2016, by Andras Cser