Which industries are most affected by cyberattacks in 2024?
Cybersecurity is one of the hottest topics in company board meetings across the globe. From Energy through to Education, no industry is exempt from the discussion – protecting data and systems is crucial across all sectors and companies. We dive into the industries that are facing the highest concentration of cyberattacks, along with their main challenges when it comes to safeguarding their systems and finding top talent to lock things down. Let’s get into it:
Education & Research
With significant digital transformation occurring in the education & research sector, this has made the industry a textbook target for cyber criminals. The increased uptake of Enterprise Resource Planning (ERP) systems, cloud platforms, and e-learning systems to manage student and faculty data and enhance the student experience, has resulted in a growing need to protect this information… and the numbers paint a concerning picture.
The sector experienced 2507 attacks weekly per institution in 2023, a 15% increase since Q1 2022. As threats only grow in this space, the need for A+ cybersecurity talent will only rise. According to LinkedIn, the higher education sector has seen a 41% increase in employment of professionals skilled in cybersecurity since September 2022 and the research sector an increase of 31%. However, the education industry still isn’t appropriately equipped to handle these threats – out of 17 major industries, education ranks last when it comes to cybersecurity preparedness.
Cyber criminals are attempting to cash in on the wealth of valuable data held by the financial services industry. This is particularly due to the explosion of e-banking and the stores of customer information these companies manage. The global rate of ransomware attacks in the sector sat at 55% in 2022, and increased to 64% in 2023 – a significant jump from the 34% reported in 2021. With cyberattacks affecting financial services companies far and wide, the need to protect systems and customer data is more important than ever – and the sector is banking on having the right talent on their teams to close in on cybercrime.
However, with the financial services industry losing out on candidates to industries that offer more competitive remuneration such as global tech providers or cyber consultancies, securing this talent isn’t easy. Especially when the industry is already experiencing a significant candidate shortage – the finance and insurance industry in the US, for example, saw 168,000 cybersecurity job openings in 2022 with the country only having enough workers to fill 68% of open cybersecurity roles.
Over in APAC, Elliott Howard, Talent Sydney cybersecurity recruitment expert, shares that “while large enterprises such as financial service, telecommunication and consultancy organisations continue to grow their large, in-house cyber teams, we have certainly noticed an ongoing trend of cyber professionals moving from these organisations to join specialised cyber consultancy firms where remuneration is more competitive”.
With the move to renewables, growth of GreenTech, and increasing digitalisation of the energy sector, it’s no surprise that this industry is an increasing target for cybercrime. In 2022, 10.7% of global cyberattacks were experienced by the energy sector, with a cyber breach in this industry costing on average US$4.45 million in 2023.
Additionally, the International Energy Agency – an intergovernmental organisation dedicated to the research and analysis of the global energy industry – has indicated that organisations within the sector struggle to source and retain appropriate cybersecurity professionals to defend their companies against risk. Research by the agency also highlights that cyberattacks are the catalyst for spikes in demand for cybersecurity professionals, indicating a lack of long-term cyber strategy across the sector. However, people power is an issue: the global shortage of security professionals makes sourcing this talent a tricky task.
With the growth of smart manufacturing and use of cloud technologies to generate efficiencies in the manufacturing process, the industry has experienced a significant share of cyberattacks. The sector recorded a 24.8% share of global attacks in 2022 indicating the need for significant investment in the cybersecurity space to mitigate risk. As a result, it’s projected that cybersecurity investment within the manufacturing sector will reach US$29.85 billion by 2027, with a strong investment needed in security professionals who can assemble strong system defences.
Cyber criminals are bringing new meaning to the term ‘click and collect’. Between 2021 and 2022, ransomware attacks increased by a significant 75% in the retail industry, emphasising just how much this sector can’t afford to ‘check out’ when it comes to cybercrime. Handling stores of customer data, overseeing Cloud POS systems, and managing the supply chain, retail companies need to be prioritising cybersecurity to protect this endless aisle of sensitive customer and supplier information. However, research has revealed that this is on the backburner for most; only 22% of retail companies are currently training their employees in cybersecurity.
71% of retail IT and business leaders have also noted concern about the size of their digital attack surface. Taking stock of threats in the industry – where credit card skimming and ransomware is rife in this sector – the need for skilled cyber professionals is stronger than ever. Yet, as is clear across all industries, it’s a classic issue of supply and demand – there simply aren’t enough cybersecurity professionals to protect against the growing threats thrown the retail industry’s way.
With a shift to digital and e-health – think telehealth appointments, wearable technology, and electronic health records – the healthcare industry is not immune to the cyberattacks and viruses plaguing industries across the globe.
Research has revealed that in 2022, healthcare organisations experienced 1,426 attacks weekly – a 60% increase since 2021. Q3 of 2022 also saw 1 in 42 healthcare organisations experiencing a ransomware attack. Nathan Crawford-Condie, Client Services Manager at Avec, Talent’s project delivery company, comments that “the number of ransomware threats are growing exponentially, and healthcare is over-represented in breaches, so is highlighted as an easy target for criminals. In a world where the likelihood of being a victim of cybercrime has moved from if to when, healthcare leads the pack.”
Investment in cybersecurity, however, isn’t sufficient to develop a strong defence against attack. A 2022 survey by the Healthcare Information and Management Systems Society revealed that US healthcare organisations are spending 6% or less of their IT budget on cybersecurity and that finding the right people to place on the frontline is a tough ask. Sourcing top cybersecurity talent is a challenge due to limited budgets, a lack of qualified candidates, and an inability to offer competitive remuneration.
With the rise of state-sponsored threat actors driven by political, financial, and military aims, Government departments are more alert than ever when it comes to securing their systems and data from attack. Research has highlighted that cyberattacks in this sector increased by 95% in the second half of 2022 compared to the year before. However, the industry is struggling to develop a strong defence without the right people on board. Insights from the US have revealed that there is a shortage of 36,000 public sector cybersecurity jobs across federal, state, and local government. Without qualified candidates protecting against everything from spyware to malware, global governments are at risk of data breaches that could have far-reaching implications.
Are you ready to lock down your systems and are on the search for top cybersecurity talent to help you do this? Working with clients in Government through to banking, we can help you find the right people to keep your systems secure. Learn more here.