Almost half of Britain’s manufacturers (42 percent) have been a victim of cybercrime over the last 12 months, according to new research.
The data emerged in a new report – Cyber Security: UK manufacturing – published today by manufacturers organization Make UK and BlackBerry, which also revealed over a quarter of respondents (26 percent) reported substantial financial loss due to an attack, with losses ranging from £50,000 to £250,000, say researchers.
Almost all – 95 percent – say cybersecurity measures are necessary for their company, while two-thirds indicate the importance of cybersecurity has increased in the last 12 months. The majority (54 percent) decided not to take any further cybersecurity action despite adopting new technologies to boost production.
UK manufacturers face a battery of cybersecurity risks, ranging from simple employee error to complex targeted attacks, say researchers. The top three cybersecurity vulnerabilities were identified as maintaining legacy IT (45 percent), a lack of cyber skills within the company (38 percent), and providing access to third parties for monitoring and maintenance (33 percent). The research also found that production stoppages were the most common result of a cyberattack (65 percent), with reputational damage ranking second (43 percent).
The adoption of the industrial Internet of Things (IoT) is shown to be the biggest driver behind cybersecurity adoption for one in three organizations (30 percent). These new IoT processes, such as automated sensors driving efficiencies, sit at the heart of manufacturing production and are seen as business-critical functions. However, just over a third (37 percent) say that concerns about cyber vulnerability have prevented the introduction of new connected technologies into their organization, hampering potential productivity gains and holding companies back from growth.
62% of manufacturers now have a formal cybersecurity procedure
Targeted attacks are the most common, with smaller companies often the most vulnerable, yet many offer no cybersecurity training to staff. A total of 62 percent of manufacturers now have a formal cybersecurity procedure in place in the event of an incident, up 11 percent on last year’s figures, with the same number giving a senior manager responsible for cyber security. More than half (58 percent) have escalated this responsibility to the board level.
Stephen Phipson, CEO of Make UK, the manufacturers’ organization, says: “Digitisation is revolutionizing modern manufacturing and becoming increasingly important to drive efficiencies in this incredibly difficult inflationary environment. While cost remains the main barrier to companies installing proper cyber protection, the need to increase the use of the latest technology makes mounting a proper defense against cyber threats essential.
“No business can afford to ignore this issue, and while the increased awareness across the sector is encouraging, there is still much to be done. Failing to get this right could cost the manufacturing industry billions of pounds and put thousands of jobs at risk. Every business is vulnerable, and every business needs to take the necessary steps to protect themselves properly.”
The composition of cyber defense across UK industry is wide – with 89 percent of companies investing heavily in antivirus software and firewalls to secure internet connections. Threats originating in Russia and China are now considered the main challenge to cybersecurity for UK manufacturers (75 percent).
“Clearly, the UK manufacturing industry is acutely aware of the threat that cybercrime presents,” says Keiron Holyome, VP UKI, Eastern Europe, Middle East and Africa at BlackBerry. “With attacks increasingly targeting operational infrastructures at the heart of major economies, the bigger issue is the majority of manufacturers that may not be aware that they have already been compromised. In our experience, it is possible – indeed, likely – that malware is present in legacy infrastructure, just waiting for the right time to strike.
“Today’s sophisticated threats are not deterred by outdated antivirus and firewall protection; it’s time for industry management to bring in the big guns of preventative cybersecurity to protect against all vulnerabilities, from accidental insider breaches through to the very real threat of nation-state attacks.”
Source: Technology Magazine