The vast majority of British manufacturers have experienced a cyber incident in the past 12 months, with more than half reporting lost revenue as a result.
A survey of 500 senior decision-makers responsible for IT, OT, operations, risk or security from ESET found that 78% had been hit, with 53% of them recording an impact on revenue.
A similar proportion of the biggest manufacturing cyber incidents led to losses of at least a quarter of a million pounds
Three-quarters of respondents said they'd experienced full or partial shutdown for at least one day as a result of a cyber attack, with one-in-five reporting four to five days of production downtime.
Meanwhile, 95% reported a direct impact on their business, with 44% citing supply chain impacts and 39% highlighting missed customer or supplier commitments.
“If the JLR attack showed us anything, it’s how quickly a cyber incident can shut down production at scale and have major consequences for the business and the wider economy,” said Matt Knell, UK country manager at ESET.
“The real challenge is that many organizations still treat cybersecurity as an IT issue rather than a strategic business decision. When it sits outside the boardroom, it’s harder to prioritize appropriately."
Manufacturers face growing threats
According to ESET, the threat landscape is evolving rapidly, with 46% of respondents now citing AI-enabled attacks as a top concern for organizations, ahead of phishing (42%), ransomware (40%), and unauthorized system access (38%).
However, many UK manufacturers lack a full understanding of their exposure, with one-in-five reporting having limited or no visibility into cybersecurity risks that could disrupt production.
A key issue for many organizations is that responsibility for managing risk rarely sits at the board level, with only 22% assigning accountability to board or executive leadership, and ownership instead sitting primarily within IT in 55% of cases.
Notably, while nearly 63% of organizations said they believe preventative measures are more cost-effective when dealing with cyber incidents, 21% said they still favor reactive approaches.
Knell warned that research proves this is rarely the case and firms could risk significant operational and financial losses.
“With many major incidents resulting in six-figure losses and widespread operational disruption, the cost of reacting after the fact can be significant," he said.
FOLLOW US ON SOCIAL MEDIA
Follow ITPro on Google News and add us as a preferred source to keep tabs on all our latest news, analysis, views, and reviews.
You can also follow ITPro on LinkedIn, X, Facebook, and BlueSky.
Claude Code creator confirms cause of massive source code leak
Apple turns 50: ITPro's favorite devices
15-year-old revealed as key player in Scattered LAPSUS$ Hunters
Former NCSC head says the Jaguar Land Rover attack was the 'single most financially damaging cyber event ever to hit the UK' as impact laid bare
Jaguar Land Rover says IT disruption set to continue
