Everybody is vulnerable to some form of cyber risk, whether it be a DDoS on a website, a ransomware attack, falling prey to a phishing ploy or trojan endpoint attacks. Cisco has also revealed that the biggest cyber risk is a result of cryptomining, the practice of gathering cryptocurrency for web-based – either legal or illegal. While individuals are often victims of scams, sophisticated hackers target business since that is where the money is. A case in point is the REvil attack on Acer in March. The Taiwanese electronics and computer manufacturer was faced with the biggest ransomware bill to date – a massive $50 million. But what about the correlation between cyber risk and industry sector? Which types of business are predicted to be the most vulnerable to a cyber attack? Let’s find out.



Cybercrime and cyber security specialist, FoxTech, recently conducted research to ascertain which industries had the greatest cyber risk. The company audited hundreds of businesses from a range of sectors, including finance, computing and software development and transportation and logistics. Each industry was given a score, calculated using numerous cybersecurity indicators. Industries with cyber risk scores of more than 75 are classified as ‘extreme risk’ while any score less than 25 means that the industry has a lower risk – but still not off the radar of the most determined hackers.




So which industry has the greatest cyber risk? According to FoxTech, these are the top five types of business and their accompanying cyber risk score that are most likely to be attacked:


  • 166 – software development
  • 152 – publishing
  • 115 – research
  • 111 – transportation
  • 102 – civil engineering


Many probably thought at finance would be up there with the leaders but that is not the case. Anthony Green, CTO and cybercrime analyst at FoxTech said:


“We audited hundreds of companies across a wide range of sectors and found that while industries such as banking (cyber risk score 6) and performing arts (cyber risk score 5) are at very low risk of a potential attack, other industries fell woefully short when it came to ensuring their cyber protection was up to scratch.”




The problem isn’t that companies don’t care about their cybersecurity. The issue is that they don’t realize just how vulnerable they are. More often than not, deployed antivirus or endpoint protection and simply not robust or far-reaching enough to prevent a cyberattack. Green added:


“Alternatively, companies might be under the misapprehension that they are safe from attack because they have invested in cloud-based services. Sometimes, a company can be exposed by something as simple as poorly managed user accounts, software that is out of date or inadvertently leaving their database visible to the internet and therefore exposed to hackers.”


Research reveals that, on average, hackers have free reign over a company’s IT security for 207 days, exploiting it would the knowledge of its IT provider of its MSP. Green explained how this length of time could be advantageous for a business wanting to make its cybersecurity more resilient and said:


“The fact that hackers are going undetected for more than half a year tells us that there is time to prevent cyberattacks from occurring and an opportunity to protect companies and their customers on a much higher level – so long as businesses are aware of the potential weaknesses in their systems and how they can fix them, even if a hacker is already gathering what they need.”




Just because your sector isn’t one of the top contenders for cyber risk doesn’t mean that you aren’t vulnerable. Think about the Travelex hack in which the  U.K. foreign-exchange company paid about $2.3 million in bitcoin to cybercriminals months before its business began unravelling – Travelex was not in the top 5 sectors. But with your IT systems in the right hands, your risk will be minimal and possibly negated. Zhero has more than 20 years of experience in professional business IT management, specializing in cybersecurity and risk mitigation. Contact us for an independent audit of your IT systems, process and procedures. Let Zhero become your anti-hacker.