The high-tech industry has become a popular target for cyber criminals because of the rich rewards a data breach can yield. With the increased use of Cloud-based business transformation technologies, organisations operating in the industry will face a diverse and evolving threat landscape, making cybersecurity more important than ever.
The global technology market has seen strong growth over recent years. According to the Forbes Global 2000, the record 184 technology companies that claim a spot on the list account for more than $9 trillion in market value, $4 trillion in assets and nearly $3 trillion in sales.
These high-tech organisations, alongside those that fall outside the top 2000 list, come from a diverse range of sub-industries; from electronics manufacturing and software development to digital media and space.
Though they apply their skills and knowledge to different sectors, high-tech organisations all have something in common: they operate at the leading edge of technology. There, innovation, secrecy, intellectual property and – above all – security is imperative.
However, it’s these traits, their use of business efficiency technologies such as Cloud enabled SaaS services, and the large volumes of sensitive data generated, that makes these organisations a tempting target for cyber criminals.
Cyber threats faced by the high-tech industry
The threats posed to high-tech organisations are wide-ranging; varying from eavesdropping and IP theft to rogue data injection and access control. Attacks designed to gain access to systems and data at rest are not uncommon. However, they pose more of a challenge to hackers as they must first overcome preventative measures such as firewalls.
Data in motion across the enabling data networks, on the other hand, provides cyber criminals with an easier and richer target. High-speed data networks can yield terabytes of data in a matter of minutes. By intercepting this network data in motion, cyber criminals improve their odds of stealing sensitive information or using it to gain systems access.
Should this happen in the high-tech sector, the stakes could not be higher. Revered corporate strategy consultants, McKinsey & Company, warned organisations that cyber criminals are now turning their attentions to data networks.
Alongside the commercial and reputational damage we’ve mentioned, a successful hack could allow a bad actor to seize control of (or damage) critical systems, such as a launch control platform in the space industry, disrupt key services and impact the lives of millions of people.
Moreover, such an event for a high-tech organisation puts the very fabric of the business – its IP – at significant risk. A breach of unencrypted data including critical IP would harm all stakeholders.
A new frontier for the Australian space industry
One high-tech industry that’s gaining traction is the space industry. According to a recent report by Goldman Sachs, globally the industry (currently valued at circa US$360 billion) could be worth $1 trillion globally by the 2040s.
Alongside significant government funding from the likes of the US, Europe, China, India and Russia, the market has seen a large influx of private investment. Satellite revenues have more than doubled in the past ten years; with major players such as Airbus, Boeing, Thales and Mitsubishi contributing to a commercial market value in excess of $250billion.
The Australian government is playing its part. The newly formed Australian Space Agency has announced that it’s joining forces with NASA, spending $150 million over five years that will see the collaboration support exploration missions to Mars and the Moon.
This announcement was shortly followed by the news that the UK and Australian Space Agencies will step up cooperation with the intention to develop a world-first ‘Space Bridge’.
These developments are a clear mark of intent that Australian and other nations’ businesses are positioning themselves to make the most of the opportunities a rapidly expanding industry represents.
The space industry is exposed to a variety of attack vectors that threaten the security of everything from intellectual property to launch control systems. There can be no doubt that the industry’s growth is also attracting the attention of a mix of bad actors – from rogue states and cyber criminals to technology rivals.
Choosing the right encryption solution
In the face of an evolving threat landscape, these risks cannot be ignored. To protect high value data, and ensure its integrity, high-tech industries should be utilising end-to-end encryption technologies. Standards-based encryption, state-of-the-art key management and crypto-agility should all be leveraged to provide long-term data protection.
Purpose built, dedicated hardware encryption should be used to secure core IT and network infrastructure, such as primary communications links and data centre interconnects. Virtualised encryption may be deployed to protect virtual CPE and less critical WAN infrastructure.
Importantly, high-tech organisations should be alert to unsecure file-sharing behaviour where sensitive IP is sent as attachments to emails. When sharing such sensitive documents, organisations should use an encrypted file-sharing application. Choice of file-sharing application should also be dictated by the level of control available over data sovereignty.
Organisations that choose not to adopt best practice encryption data security, risk eavesdropping, IP theft, control systems interference and systems’ damage. These would have catastrophic implications for the organisation, its shareholders, suppliers, employees and customers alike.
Encryption should be considered an everyday part of doing business; especially in high-value and high-tech industries. But, it’s important to note that not all encryption solutions are the same.
Find out more about cybersecurity considerations for the high-tech industry in our Solution Paper.