Nearly Half of U.K. Manufacturers Hit by Cyber Attacks

by Warwick Ashford, ComputerWeekly.com

Approximately 48 percent of U.K. manufacturers admit they have experienced a cybersecurity incident, with about half of them claiming to have suffered financial loss or disruption to their business as a result, according to a recent survey report published by manufacturers’ organization EEF in partnership with insurance firm AIG and the Royal United Services Institute (RUSI), the world’s oldest independent think tank on international defense and security.

“There seems little doubt that many more attacks will have gone undetected, and that cyber-related risks for manufacturers are only likely to deepen and broaden with increasing digitisation,” according to the survey report published by manufacturers’ organisation EEF in partnership with insurance firm AIG and the Royal United Services Institute (RUSI).

The survey of nearly 170 U.K. manufacturing businesses found that although 91 percent of respondents are investing in digital technologies, 35 percent believe cyber vulnerabilities are keeping them from doing so fully.

“This suggests that opportunities are being missed and some businesses risk falling behind in the race to digitize. The result must not be that the UK falls away from the vanguard of manufacturing excellence,” the report said.

Cybersecurity maturity levels were rated as “highly varied” throughout the U.K. manufacturing sector, according to the report, both in terms of awareness of the challenge and the implementation of appropriate risk mitigation strategies.

According to the report, a “worryingly large” 12% of manufacturers surveyed have no process measures in place at all to mitigate against the threat, and only 62% of respondents said they train staff in cyber security, while 34% said they do not offer cyber security training and 4% said they did not know.

Although the government is taking important steps to improve national cybersecurity resilience, to date no priority has been given to the specific needs of the manufacturing sector.

The need to have demonstrable cyber security safeguards in place is becoming ever more necessary to operate in the business environment, the report said, with 59% of manufacturers reporting that they have already been asked by a customer to demonstrate or guarantee the robustness of their cyber-security processes, and 58% saying they have asked the same of a business within their supply chain.

For the 37% of manufacturers who report that they could not do this if asked to today, business will become increasingly challenging, the report said

Organizations should take a key performance indicator (KPI) perspective to cybersecurity by setting goals and metrics, according to Tim Bandos of digital loss prevention solution provider Digital Guardian. Read the full report