EEF plea for cyber security as nearly 50% of UK manufacturers report attacks

The organisation’s CEO Stephen Phipson said that, despite this vulnerability, manufacturing was “amongst the least protected sector against cyber-crime in Britain”.

“We know businesses cannot afford to ignore this issue any longer and while we welcome government’s progress in improving cyber-security resilience to date through the work of the NCA and NCSC, there needs to be an increasing focus given to the specific needs of manufacturing, which hitherto has been lacking,” he commented.

“Failing to get this right could cost the UK economy billions of pounds, put thousands of jobs at risk and delay the supply of essential equipment to key public services and major national infrastructure projects.”

Phipson delivered the warning as the EEF released the results of its report, published in collaboration with AIG Europe.

The pair commissioned Britain’s leading geopolitical think tank, The Royal United Services Institute (RUSI), to carry out the study, titled Cyber-Security for Manufacturing.

Among its finding were:

• 48% of respondents report being subject to cyber attack
• 41% of respondents are unable to assess their cyber risk
• 45% believe they lack access to the necessary tools
• 12% have no processes in place to begin risk assessment

A key vulnerability, says the report, is poorly-protected office systems. These have often been the first systems implemented and are inadequately protected.

Romaney O’Malley, head of UK regions & head of industrials at AIG Europe, warned that, for many manufacturers, cyber risk is still not considered a principal risk on the risk register although attacks were becoming “more sophisticated and more broadly disruptive”.

Five steps the report advises as a necessary starting measure are:

• Use a firewall to secure your internet connection
• Choose the most secure settings for your devices and software
• Control who has access to your data and services
• Protect yourself from viruses and other malware by using antivirus software, only downloading apps manufacturer-approved stores, or running apps and programs in an isolated environment
• Keep your devices and software up to date by patching regularly.

RUSI director general Dr Karin Von Hippel added: “The importance of the manufacturing sector to the security of the UK economy cannot be overstated. Increasing digitisation creates further opportunities, but also exposes us to potential vulnerabilities to cyber-attacks, whether from criminals or nation-state adversaries. The sector needs to recognise these risks and respond accordingly.”

The full report can be viewed here.