Are you one of those who thinks that they will never suffer from a cyberattack? Think again. Everybody is vulnerable to some form of cyber risk, whether it be a DDoS on a website, a ransomware attack, falling prey to a phishing ploy or trojan endpoint attacks. Cisco has also revealed that the biggest cyber risk is a result of cryptomining, the practice of gathering cryptocurrency for web-based – either legal or illegal. While individuals are often victims of scams, sophisticated hackers target business since that is where the money is. A case in point is the REvil attack on Acer in March. The Taiwanese electronics and computer manufacturer was faced with the biggest ransomware bill to date – a massive $50 million. But what about the correlation between cyber risk and industry? Which types of business are predicted to be the most vulnerable to a cyber attack? Let’s find out.


Cybercrime and cyber security specialist, FoxTech, recently conducted research to ascertain which industries had the greatest cyber risk. The company audited hundreds of businesses from a range of sectors, including finance, computing and software development and transportation and logistics. Each industry was given a cyber risk score, calculated using numerous cybersecurity indicators. Industries with cyber risk scores of more than 75 are classified as ‘extreme risk’ while any score less than 25 means that the industry has a lower risk – but still not off the radar of the most determined hackers.


So which industry has the greatest cyber risk? According to FoxTech, these are the top five types of business and their accompanying cyber risk score that are most likely to be attacked:

  • 166 – software development
  • 152 – publishing
  • 115 – research
  • 111 – transportation
  • 102 – civil engineering

Many probably thought at finance would be up there with the leaders but that is not the case. Anthony Green, CTO and cybercrime analyst at FoxTech said:

“We audited hundreds of companies across a wide range of sectors and found that while industries such as banking (score 6) and performing arts (score 5) are at very low risk of a potential attack, other industries fell woefully short when it came to ensuring their cyber protection was up to scratch.”


The problem isn’t that companies don’t care about their cybersecurity. The issue is that they don’t realize just how vulnerable they are. More often than not, deployed antivirus or endpoint protection and simply not robust or far-reaching enough to prevent a cyberattack. Green added:

“Alternatively, companies might be under the misapprehension that they are safe from attack because they have invested in cloud-based services. Sometimes, a company can be exposed by something as simple as poorly managed user accounts, software that is out of date or inadvertently leaving their database visible to the internet and therefore exposed to hackers.”

207 DAYS

Research reveals that, on average, hackers have free reign over a company’s IT security for 207 days, exploiting it would the knowledge of its IT provider of its MSP. Green explained how this length of time could be advantageous for a business wanting to make its cybersecurity more resilient and said:

“The fact that hackers are going undetected for more than half a year tells us that there is time to prevent cyberattacks from occurring and an opportunity to protect companies and their customers on a much higher level – so long as businesses are aware of the potential weaknesses in their systems and how they can fix them, even if a hacker is already gathering what they need.”


Just because your sector isn’t one of the top contenders for cyber risk doesn’t mean that you aren’t vulnerable. Think about the Travelex hack in which the  U.K. foreign-exchange company paid about $2.3 million in bitcoin to cybercriminals months before its business began unravelling – Travelex was not in the top 5 sectors for cyber risk. So why don’t you appoint your own anti-hacker? With your IT systems in the right hands, your cyber risk will be minimal and possibly negated. I have more than 20 years of experience in professional business IT management, specializing in cybersecurity and risk mitigation. Contact me for an independent audit of your IT systems, process and procedures right now. It will be my professional pleasure to be your personal anti-hacker.

Leave a comment