Authors: Jake Hernandez John Farley
The cyber threat landscape continues to evolve, and the attack surface grows alongside new and emerging technology. This new technology provides new opportunities for threat actors to carry out their crimes against just about every industry sector imaginable. Of particular concern are 16 specific targets — the US categories of critical infrastructure that provide essential services to society across a wide swath of industries. These targets include:
- Chemical
- Commercial facilities
- Communications
- Critical manufacturing
- Dams
- Defense industrial base
- Emergency services
- Energy
- Financial services
- Food and agriculture
- Government facilities
- Public health
- Information technology
- Nuclear reactors, materials and wastewater
- Transportation systems
- Water and wastewater systems
If any one of these is attacked, essential services could be disrupted significantly for citizens and organizations around the globe. This disruption could lead to material impacts to bottom lines and threaten physical security. As a result, the highest levels of the US government have taken deliberate steps to address these systemic cyber risks.
Gallagher's Cyber team continuously tracks threats to critical infrastructure targets. According to a wide range of industry data sources, the incidence of attacks on critical infrastructure by nation-state groups doubled between 2021 and 2022. This surge in cyber threat activity underscores the pressing need for enhanced security measures, particularly within critical infrastructure industries. Specifically, IT, financial services, healthcare, transportation and communications have been focal points for cybercriminals, accounting for about 40% of the total activity.
The financial implications of these security breaches are staggering. This economic impact is even more alarming when considering the root causes behind these breaches. Almost half — about 47% — can be attributed to IT failure or human error, while 28% are caused by ransomware and other destructive attacks.
Despite these threats, many organizations tasked with managing critical infrastructure have been slow to adapt and implement more secure architectures.
Protect your business with the right cyber insurance. It is critical to work with a broker that understands the cyber landscape. At Gallagher, our knowledge extends beyond traditional cyber coverage, as we apply our unique expertise to your cyber concerns.
Learn more about cyber risk and how to protect your business.
