According to the EFF, the manufacturing sector is now the UK’s third most heavily targeted industry by cybercriminals. Despite this, organisations within the sector are among the least well prepared to defend themselves.
Security maturity levels in the manufacturing sector vary and almost half of UK manufacturers report that they have fallen victim to cyber-attacks, with many more incidents likely going undetected.
Common cyber security challenges in the manufacturing industry include:
• Reversing an industry-wide lack of security awareness
• Combatting industrial espionage and operational disruption
• Protecting sensitive data, capital and intellectual property
• Managing security in the era of Smart Manufacturing and Industry 4.0
• Mitigating cyber security risks across the supply chain
• Identifying and eliminating Industrial Control System (ICS) vulnerabilities
Security questions manufacturers should be asking of their cyber security:
Although there are no industry specific standards governing cyber security in manufacturing, a number of far reaching standards have a direct impact on organisations operating in areas such as food and drink, textiles, automotive and engineering.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA), require all organisations that process personal data to ensure it is protected against unauthorised processing, accidental loss and destruction. Breaches must also be reported to a relevant authority within 72 hours, and non-compliance could lead to heavy regulatory sanctions.
€20 million or 4% of global turnover (whichever is greater)
The maximum GDPR penalty for a cyber security breach.
The importance of quality control in manufacturing means that ISO 9001 is also of particular relevance. Supply chain management is an important part of the certification process, requiring manufacturers to make efforts to verify the security of their suppliers and partners in order to minimise cybersecurity risks.
Redscan has extensive experience helping organisations across the manufacturing sector better understand their security risks, identify and eliminate vulnerabilities, proactively detect and respond to threats and achieve hassle-free regulatory compliance.
Functioning as an extension of in-house IT resources, ThreatDetect™ is an award-winning MDR service supplying the capabilities needed to monitor, hunt for and remediate cyber-attacks and breaches 24/7.
Experience a real-world cyber-attack simulation to identify the weaknesses an attacker could exploit, quantify the value of data that could be exfiltrated and assess the effectiveness of security investments.
Our CREST-approved, fully customisable pen test engagements enable you to identify vulnerabilities and exposures in your infrastructure, applications, people and processes in order to reduce security risk.
"If you want a solution where someone will look after you 24/7 and give you a very flexible, professional and agile service – you want Redscan"
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
"Our partnership with Redscan has been one of the most successful that we have ever undertaken"
“Services like ThreatDetect are few and far between.”
"Redscan’s hands on approach identified security flaws that had previously been overlooked by other vendors"
The Privacy and Electronic Communications Regulations (PECR) sit alongside the GDPR and DPA to enforce strict rules concerning the protection of electronic communications. Any organisation that sends …