With the average cost of $4.24 million, 40% of ransomware victims had less than 100 employees in 2021. Survey data shows 36% of manufacturers and producers report being hit by ransomware, with the average time for ransomware sitting in a company’s critical infrastructure being 220 days before they became aware of the hack. As of 2020, manufacturing is now the fifth most targeted industry.

Jerry Liddell of SET Duct Manufacturing says his company suffered from a malware attack that infected plasma cutters and other equipment. But he was prepared with an insurance policy and a nearly closed off system. However, after a parent company’s security was compromised, hackers were eventually able to gain access to the manufacturer’s equipment. 

"I did get pretty lucky. In October, I bought the insurance policy, and I was hit in January. It was a $5,000 deductible,” Liddell says, noting the attack would have cost him millions without the policy. “It’s worth every penny. That’s all I can tell you. Don’t hesitate and get your insurance.”

Speaking at the Spiral Duct Manufactures Association general meeting in Las Vegas at the end of January, Cyber Risk Specialist Autumn Stone advised Liddell and others on security controls. She says that even though security precautions are required for insurance coverage, malware can still get through. Case in point: One of America’s largest insurance carriers, Travelers, netted a loss in 2021 due to the high ticket price of cybersecurity claims. 

“Back in the day. I would say 3 years ago, we were able to just pay a couple $1,000, get a couple million dollar policy and you were set,” Stone says. “You were set for anything to happen. It was probably a five-question application. But nowadays, you basically have to apply. They're going to dive deep into your company, they're going to see that you are actually performing your security controls to the best of your ability and it costs money.”