Nearly half of Britain’s manufacturers (42%) have been a victim of cyber-crime over the last 12 months according to new research, Cyber Security: UK manufacturing, published by manufacturers’ organisation Make UK and Blackberry.
Over a quarter of respondents (26%) reported substantial financial loss as the result of an attack, with losses ranging from £50,000 to £250,000.
As businesses adopt more digital technologies, their exposure to cybersecurity risks increases. Some 95% say cybersecurity measures are necessary for their company, while two thirds said the importance of cybersecurity has increased in the last 12 months. Worryingly, the majority (54%) decided not to take any further cybersecurityaction despite adopting new technologies to boost production.
UK manufacturers face a battery of cybersecurity risks, ranging from simple employee error to complex targeted attacks. The top three cybersecurityvulnerabilities were identified as maintaining legacy IT (45%), a lack of cyber skills within the company (38%), and providing access to third parties for monitoring and maintenance (33%). The research also found that production stoppages were the most common result of a cyberattack (65%), with reputational damage ranking second (43%).
Adoption of the industrial Internet of Things (IoT) is shown to be the biggest driver behind cybersecurity adoption for one in three organisations (30%). These new IoT processes, such as automated sensors driving efficiencies, sit at the heart of manufacturing production and are seen as business-critical functions. However, just over a third (37%) say that concerns about cyber vulnerability have prevented the introduction of new connected technologies into their organisation, hampering potential productivity gains and holding companies back from growth.
Targeted attacks are the most common, with smaller companies often the most vulnerable yet many offering no cybersecurity training to staff. 62% of manufacturers now have a formal cybersecurity procedure in place in the event of an incident, up 11% on last year’s figures with the same number giving a senior manager responsibility for cyber security. More than half (58%) have escalated this responsibility to board level.
Stephen Phipson, CEO of Make UK, the manufacturers’ organisation said: “Digitisation is revolutionising modern manufacturing and becoming increasingly important to drive efficiencies in this incredibly difficult inflationary environment. While cost remains the main barrier to companies installing proper cyber protection, the need to increase the use of the latest technology makes mounting a proper defence against cyber threats essential. No business can afford to ignore this issue and while the increased awareness across the sector is encouraging, there is still much to be done. Failing to get this right could cost the manufacturing industry billions of pounds and put thousands of jobs at risk. Every business is vulnerable, and every business needs to take the necessary steps to protect themselves properly.”
The composition of cyber defence across UK industry is wide – with 89% of companies investing heavily in antivirus software and firewalls to secure internet connections. Threats originating in Russia and China are now seen as the main challenge to cybersecurity for UK manufacturers (75%).
Keiron Holyome, VP UKI, Eastern Europe, Middle East and Africa at BlackBerry said: “Clearly, the UK manufacturing industry is acutely aware of the threat that cybercrime presents. With attacks increasingly targeting operational infrastructures at the heart of major economies, the bigger issue is the majority of manufacturers that may not be aware that they have already been compromised. In our experience, it is possible – indeed, likely – that malware is present in legacy infrastructure, just waiting for the right time to strike. Today’s sophisticated threats are not deterred by outdated antivirus and firewall protection; it’s time for industry management to bring in the big guns of preventative cybersecurity to protect against all vulnerabilities, from accidental insider breaches through to the very real threat of nation state attacks.”
Further details can be found in the report, Cybersecurity: UK Manufacturing, available for free download here.