Over the past few years, the UK manufacturing industry has experienced a huge surge in the digitalisation of its practices, allowing for more efficient and more interconnected ways of operating.
While this is a great step forward for organisations to future proof their operations, it is also a double-edged sword.
As a result of an increase in connectivity, the industry has become even more exposed to the risk of a data breach. In fact, over the past 12 months alone, UK manufacturers have had to cope with an average of 30 cyber attacks – and this number is only set to rise in the coming years.
The worrying truth for manufacturers is that just one attack could unravel an entire supply chain and ultimately cost a business millions to repair. In 2017, for example, car manufacturer Renault-Nissan felt the full effects of a ransomware attack that halted production in five of its factories, including its plant in Sunderland, England. The cost of the breach was never disclosed. However, the company was forced to entirely disconnect the plant from the organisation’s network in order to prevent the spread of the malware.
Given that the large majority of manufacturers fear further attacks will continue to ramp up over the next year, UK IT decision makers must prepare now to avoid falling victim to attacks that are becoming increasingly complex day by day.
Current cyber security realities
Fortunately, senior leaders within the UK manufacturing industry are acutely aware that they need to improve their organisation’s cyber security defences. According to research, a large majority of UK manufacturers are conscious of the gaps in their cyber security provision and see cyber security as becoming more important to their business over the next 12 months.
Consequently, most manufacturing business leaders believe that it would be beneficial to designate at least one member of the board to the cyber-welfare of the organisation.
Awareness alone doesn’t solve today’s pressing cyber security issues though. Actions speak louder than words, but worryingly less than half of UK manufacturers are actively addressing the gaps in their cyber security defences, and just over a third of senior IT leaders in the UK manufacturing industry have prioritised IT as their number one investment this year.
Investment is undoubtedly required if businesses hope to build the necessary infrastructure capable of preventing complex and targeted cyber attacks. However, there are ways in which decision makers can improve their cyber security defences without the need for a substantial budget. In fact, many data breaches can be easily prevented by a company’s first line of defence, namely its employees and the credentials that they use.
Prevention is better than cure
By educating employees of the dangers of their own cyber security practices, businesses can drastically reduce the risk of being breached by cyber gangs, preventing the loss of invaluable digital assets.
That being said, the reality is that very few employees understand the consequences of their actions when it comes to cyber security. Indeed, three in five IT decision makers within the manufacturing industry agree that employees at their company still do not understand the implications of poor password hygiene.
Good password hygiene is arguably the most important way in which UK employees can actively prevent their businesses from being exposed to a cyber attack. Password security issues account for more than 80% of all data breaches globally, so encouraging employees to practise good password hygiene can be incredibly effective in strengthening a business’s cyber security defences.
Admittedly, maintaining good password hygiene can be an arduous task if done manually. Fortunately, there exists ample technology to make storing passwords both easy and secure. Centralised password management and security platforms generate complex, unique passwords, automatically fill in login credentials and encrypt any entrusted data within a personal digital vault.
These platforms not only allow any given UK manufacturer to avoid falling victim to a password-related data breach, but also help to take the pain out of managing and remembering passwords for its employees.
The responsibility ultimately lies with IT decision makers to implement the cyber security policies that suit their organisation. That being said, a large majority of IT leaders within the UK manufacturing industry are in fact warming to the idea of a new, external body, which would ensure consistency across the industry when it comes to cyber security. This body would be put in place to hold businesses accountable for their cyber security policies, lightening the burden placed upon IT leaders at present.
Furthermore, the prevalence of recent supply-chain attacks has left businesses worried about the cyber security practices of their partners and vendors. A large majority of UK manufacturers are therefore in agreement that businesses should have a level of certified cyber security protection in place before being allowed to trade, as this would help to build collective protection against cybercrime across the industry
UK manufacturers are feeling the pressure, and although IT decision makers are working hard to keep their business as secure as possible, they are fighting an uphill battle. It is therefore imperative that UK IT leaders within the industry focus on the basics, starting with education and effective password management.
Only when UK manufacturers take decisive action and invest in powerful cyber security solutions can they buck the trend and avoid falling victim to the many cyber attacks they will be exposed to in the years to come.
About the author
Craig Lurey is the CTO and Co-founder of Keeper Security. Craig leads Keeper Security’s software development and technology infrastructure.