Manu‘fractured’ supply chains : IBM’s annual X-Force Threat Intelligence Index

IBM’s annual X-Force Threat Intelligence Index shows how cyber criminals took full advantage of global uncertainty in 2021, especially in the manufacturing industry

Today, IBM Security released the results of its annual X-Force Threat Intelligence Index. As cyber criminals become increasingly innovative in leveraging global uncertainty, more than ever companies and policy makers need to join forces to share threat intelligence, best practices and improve standardization and innovation to combat cyber threats.


By Julian Meyrick, Managing Partner & Vice President, Security Strategy Risk & Compliance, Security Transformation Services Software, IBM Security


In 2021 cybercriminals took full advantage of global uncertainty, a weakened supply chain and unpatched vulnerabilities to successfully infiltrate organizations across the globe and make their pay day. IBM’s X-Force Threat Intelligence Index identifies the biggest cyber threats in 2021, and how ransomware and vulnerability exploitations together were able to ‘lock-down’ businesses around the world.

Instead of chasing the money, cyber criminals now chase leverage, all through our supply chains. Last year, manufacturing surpassed the financial industry as the most attacked sector. Manufacturing faced the most attacks in Asia (32%), North America (27%), and Europe (26%), indicating the strategic shift in attackers’ targeting.

With nearly 1 in 2 attacks on manufacturing occurring due to unpatched vulnerabilities, and 2021 also witnessing a 50% increase in disclosed vulnerabilities in Industrial Control Systems, it’s is clear that cyber threats are a growing concern across all industrial sectors.

The Charter Of Trust, a global initiative of leading companies advancing cybersecurity, is calling for both industry and governments to work together and share know-how and best practices, but also to extend operational collaboration to government agencies and other public sector entities.

The need for bringing together the cybersecurity capabilities of public and private sector partners to enhance cyber resilience has never been greater.

Since its inception, the Charter Of Trust has been promoting multilateral efforts in regulation and standardization.

And the sense of urgency to create common security standards and enhance collaboration is growing.

In the European Union, for instance, there is a strong focus on building a cybersecurity ecosystem across the EU Member States, through the EU’s Cybersecurity Strategy for the Digital Decade.

In the US, President Biden’s Executive Order on “Improving the Nation’s Cybersecurity highlights the persistent cyber threat to the United States and calls on the government and private sector to partner to address these ever-evolving cyber threats through requirements on software supply chain security, threat information sharing, and enhanced cybersecurity standards.

But while governments are addressing cybersecurity measures, companies should not wait for regulation to take effect, but rather strengthen their partnerships with other private players as well as with governments. The Charter has always advocated for more joint public-private initiatives across the entire supply chain in various sectors, for a more collective and coordinated readiness to act on threats.

If there’s one thing the 2022 X-Force Threat Intelligence Index shows, it’s that it is essential that industries are prepared for cyber risks – and preparation requires access to information.

Whether in manufacturing, financial services, or the energy sector, cybercriminals are becoming increasingly more resilient, resourceful, and stealthy in their pursuit of businesses’ critical data. It’s paramount that we all recognize that public-private partnership and collaboration on threat sharing will be central to building a coordinated defense against these threats.

Read more about the global and regional results in the X-Force Threat Intelligence Index below: