Why Emails Are a Company’s Biggest Cybersecurity Concern

With the advent of Industry 4.0, it makes sense that we’re paying more and more attention to cyber security attacks on the manufacturing industry.

With the advent of Industry 4.0, it makes sense that we’re paying more and more attention to cybersecurity attacks on the manufacturing industry. We're entering a digital revolution in manufacturing, in every aspect but one: cybersecurity.

Recently, the Verizon 2018 Data Breach Investigations Report confirmed what we already knew: manufacturing companies are popular targets for hackers. According to the report, the manufacturing industry is the fifth most targeted sector, with over 536 attacks in the past year. Of these attacks, a reported 47 percent of them were committed for the purpose of corporate espionage, while 53 percent were to attain data that could be sold on the black market.

But the study also highlighted one common thread in these hacks: the importance of keeping your email protected. The study calculated that email was the most common method the hackers used, allowing system access 96percent of the time. Despite this, there is still no standard or guidelines for manufacturers to protect their email data.

Of course, to understand how a business can protect email communications, it’s essential to understand why emails are such attractive targets to hackers in the first place.

Why Email?

There’s a treasure trove of information that’s regularly exchanged in a business’ email communications: tax documents, insurance forms, and personally identifiable information are all commonly sent and received by a company’s HR department, and they can fetch a pretty penny in underground marketplaces online.

But the biggest draw to hackers just might be the large amount of research and development, industrial data, and intellectual property that is all completely vulnerable in the manufacturing industry. And while a study by the Ponemon Industry calculated that a significant data breach could cost a business up to $1,728,000 in damages, you lose more than money when you’re a victim of cyber-espionage—the competitive advantage another company can gain from your hard work is truly invaluable.

So how can a manufacturer protect their email?

What is Encryption?

Encryption is widely recognized as an effective way to protect an email’s contents from getting in the wrong hands. Encryption works by scrambling an email’s contents or attachments until the recipient provides a unique key. That means no other person other than the intended recipient will be able to open the email or attachment.

Most email platforms allow for some kind of encryption, but since many online users find traditional methods burdensome and time-consuming (especially to those with a large volume of emails), encryption is usually underutilized.

Still, there are now a number of advanced encryption systems that are more user-friendly and easier to integrate with popular email platforms. So now, it’s up to businesses to take the next step.

Why Should You Use Encryption and Other Methods?

Phishing was the third most common kind of cyberattack, after hacking and malware. Phishing works by sending an email to “bait” the recipient into clicking a malicious link, that will infect their computer or trick them into sending sensitive information.

Phishing is becoming increasingly sophisticated, with some scams operating by impersonating a company’s supervisor and asking for a wire transfer, manipulating employees into filling out fake invoices, or requesting sensitive documents. As an added measure, scammers will even target certain employees using an email that’s incredibly similar to the email address of their supervisor.

And there’s no sign of stopping: across all sectors phishing scams have tripled in frequency, with HR departments (and their proximity to tax documents and insurance information) being lucrative targets.

Other Methods to Protect Email

Since not everyone in your workforce can be expected to double-check every email that comes their way, how can you prevent your company from being hit with a phishing campaign? The Verizon report showed that unfortunately, four percent of people will click on every single phishing campaign.

One solution is to integrate a tracking service for your emails, so you can always tell who’s receiving the emails you send, when your emails are being forwarded to someone else, and much more.

If you’re worried about sensitive documents finding their way into the wrong hands, postmarking your emails makes sure they don’t end up as spam, and gives a record of what’s being sent—similar to certified mail at the post office.

Two-factor authentication is another measure that’s becoming increasingly necessary. This is a great way of locking certain content unless a code is sent to another device, that way, if someone somehow manages to access your passwords, the second layer of protection can prevent them further accessing the contents of your emails and your attachments.

What You Save By Protecting Your Emails

It’s difficult to think that your business could lose millions with just a few keystrokes by a bad actor. But it takes just a few measures and the right tools to protect your company. Ultimately, when you protect your emails you preserve a few utterly priceless things: your employees’ trust in your company, and their ideas and hard work.

Idan Udi Edry is the CEO of Trustifi, a software-as-a-service company offering a patented postmarked email system that encrypts and tracks emails.

More in Cybersecurity