Cybersecurity: A wake-up call for UK manufacturing

Posted on 13 Jun 2018 by The Manufacturer

The opportunities for UK manufacturing from digitalisation are huge – but there are risks. The need for cybersecurity is real and growing, and businesses need to take action now to protect their intellectual property, processes and to secure future customers.

Cybersecurity is import for every manufacturer. Image courtesy of Pixabay.
Cybersecurity is import for every manufacturer. Image courtesy of Pixabay.

We all remember the cyberattack on the NHS last year, but the popular perception is still that it’s banks, energy companies and defence and security installations that are most at risk.

However, our recent research shows that the manufacturing sector is now the third most significant target for cybercriminals. This can result in a wide range of impacts, from the theft of sensitive data, or disruption of access to systems, up to industrial espionage for competitive advantage.

In our survey, 48% of companies said that they have, at some time, been subject to a cybersecurity incident. Half of them suffered some financial loss or disruption to business as a result. There seems little doubt that many more attacks will have gone undetected.

This article first appeared in the June issue of The Manufacturer magazine. To subscribe, please click here

Missed opportunities

As we move into the Fourth Industrial Revolution and increased digitalisation, cyber-related risks for manufacturers are only likely to deepen and broaden.

While 91% of businesses surveyed say they are investing in digital technologies, 35% consider that cyber-vulnerability is inhibiting them from doing so fully. This suggests that opportunities are being missed and some businesses risk falling behind in the race to digitalise.

This trend must be stopped and reversed, to ensure the UK stays at the vanguard of manufacturing excellence.

Across our sector, maturity levels are highly varied, both in terms of awareness of the cybersecurity challenge and the implementation of appropriate risk-mitigation measures.

We found that 41% of manufacturers don’t believe they have access to sufficient information to confidently assess their specific risk, and 45% are not confident they are prepared with the right tools for the job.

A worryingly large 12% of manufacturers surveyed have no process measures in place to mitigate against the threat.

How are you coping with the demands of this rapidly changing digital world?

The Manufacturer has created a survey to understand how UK manufacturers are using different digital products from the shop floor to the back office.

It takes just a few minutes to complete and all participants will receive a free copy of the resulting report in order for you to benchmark yourself against your peers.

It will take just a few minutes to complete the survey

We welcome the steps government is taking to improve national cybersecurity resilience, but to date, no priority has been given to the specific needs of manufacturing – this must change.

There needs to be a particular focus on the requirements of our sector, acknowledging that a one-size-fits-all approach for business is insufficient and, just as important, recognition that comprehensive security cannot be the exclusive domain of large businesses who can afford bespoke end-to-end protection.

Take action now

The impetus for change must come from manufacturers themselves. The need to have demonstrable cybersecurity safeguards in place is becoming ever more necessary to operate in the business environment as, increasingly, many companies have already been asked by a customer to demonstrate or guarantee the robustness of their cybersecurity processes.

As a result, manufacturers are asking the same of businesses within their supply chain. For the one third of manufacturers who reported that they could not do this if asked to today, business will become increasingly challenging.

Our research should act as a wake-up call for those companies who have not embarked on, or are at the start of their cybersecurity journey. Failure to do so now could have serious consequences, resulting in disruption and lost business.


Stephen Phipson CBE, chief executive, EEF.