More than two in five (42%) UK manufacturers have been victims of cybercrime in the last 12 months, according to a new study by Make UK and BlackBerry. Of those organizations that were attacked, more than a quarter (26%) suffered significant financial losses ranging from £50,000 ($61,300) to £250,000 ($306,500). According to respondents, the main consequences of a cyber attack on their business are disruptions (65.2%) and reputational damage (42.9%).
Manufacturers have highlighted several operational technology (OT) security concerns in their organizations. The most important of these were supporting legacy IT (44.6%), limited cybersecurity skills within the business (37.5%), and providing access to third parties for remote monitoring and maintenance (33%). Respondents also cited issues of concern, such as understanding IT and OT security (26.8%) and an increased attack surface due to increased OT convergence (21.4%).
The growing Internet of Things (IoT) adoption has become a significant driver of cybersecurity adoption for one in three (30%) organizations. IoT technologies are often critical to today's manufacturing processes, such as sensors that can predict early IoT failures to improve efficiency.
However, more than a third (37%) of manufacturers acknowledged that cybersecurity concerns prevented the adoption of new connected technologies in their organizations, potentially reducing productivity. The manufacturing industry is becoming an increasingly attractive target for threat vectors such as ransomware due to the ability to disrupt operations by targeting IT and IoT environments, as well as the lucrative intellectual property (IP) data often held by manufacturers.
Speaking to Infosecurity, Keiron Holyom, BlackBerry's VP of UK & Emerging Markets, said: "If there's anything we've learned from the explosion of digital transformation over the past few years, it's that cybercriminals don't hesitate to identify and attack new vulnerabilities. Therefore, as manufacturing organizations implement more IoT technologies in their operational roles, the cyber defense must go hand in hand with deployment to ensure that newly connected devices do not become vulnerable to cyber attacks."
Unfortunately, more than half (54%) chose not to take further cybersecurity action despite the introduction of new technologies to increase production.
Nearly two-thirds (62%) of respondents offer formal cybersecurity training to their employees, though this has fallen to 50% in smaller companies with nine or fewer employees. Encouraging is the significant increase in manufacturers implementing proper cybersecurity incident response measures to 62%, up 11% from 2021.
In addition, in this sector, businesses are actively involved in cybersecurity. Nearly two-thirds (62%) of respondents reported that a senior manager currently sits on a cybersecurity committee within the company, and 58% said that a general board of directors director is responsible for ensuring cybersecurity in the firm.
Commentaires