The high tech sector is often ground zero for cyber-attacks. One obvious reason is that these organizations have very valuable information to be stolen. However, another more subtle reason is the nature of high tech organizations themselves. High tech companies – and their employees – generally have a higher risk appetite than their counterparts in other sectors. Also, they tend to be early adopters of new technologies that are still maturing and are therefore especially vulnerable to attacks and exploits. For example, employees in high-tech are more likely to use (and self-administer) cutting-edge mobile devices and the latest mobile apps, which might not be secure. In addition, many high-tech organizations have open environments and corporate cultures that are designed to stimulate creativity and collaboration, but are more difficult to defend. As a result, high-tech organizations typically have a very large attack surface to protect.
Just as important, some parts of the high-tech sector provide an attack path into other sectors, since high-tech products are a key infrastructure component for all kinds of organizations. Technology is a key enabler, but it can also be a key source of vulnerability. For example, because of the tremendous need to establish trust on the internet, attacks on certificate authorities have caused serious privacy breaches across a number of industries
- Case 1 :- Also, vulnerabilities in point-of-sale systems have led to major security breaches for retailers, and back doors in communication hardware have exposed organizations in every sector to a wide range of attacks.Speaking of back doors, the growing involvement of covert state actors in this area has been making headlines recently, causing serious reputational damage for the organizations involved.