According to the EFF, the manufacturing sector is now the UK’s third most heavily targeted industry by cybercriminals. Despite this, organisations within the sector are among the least well prepared to defend themselves.
Security maturity levels in the manufacturing sector vary and almost half of UK manufacturers report that they have fallen victim to cyber-attacks, with many more incidents likely going undetected.
Common cyber security challenges in the manufacturing industry include:
• Reversing an industry-wide lack of security awareness
• Combatting industrial espionage and operational disruption
• Protecting sensitive data, capital and intellectual property
• Managing security in the era of Smart Manufacturing and Industry 4.0
• Mitigating cyber security risks across the supply chain
• Identifying and eliminating Industrial Control System (ICS) vulnerabilities
Although there are no industry specific standards governing cyber security in manufacturing, a number of far reaching standards have a direct impact on organisations operating in areas such as food and drink, textiles, automotive and engineering.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA), require all organisations that process personal data to ensure it is protected against unauthorised processing, accidental loss and destruction. Breaches must also be reported to a relevant authority within 72 hours, and non-compliance could lead to heavy regulatory sanctions.
€20 million or 4% of global turnover (whichever is greater)
The maximum GDPR penalty for a cyber security breach.
The importance of quality control in manufacturing means that ISO 9001 is also of particular relevance. Supply chain management is an important part of the certification process, requiring manufacturers to make efforts to verify the security of their suppliers and partners in order to minimise cybersecurity risks.
Functioning as an extension of in-house IT resources, ThreatDetect™ is an award-winning MDR service supplying the capabilities needed to monitor, hunt for and remediate cyber-attacks and breaches 24/7.
Experience a real-world cyber-attack simulation to identify the weaknesses an attacker could exploit, quantify the value of data that could be exfiltrated and assess the effectiveness of security investments.
Our CREST-approved, fully customisable pen test engagements enable you to identify vulnerabilities and exposures in your infrastructure, applications, people and processes in order to reduce security risk.
"Redscan’s hands on approach identified security flaws that had previously been overlooked by other vendors"
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
“We’ve established a successful partnership with Redscan – their market leading cyber security offering is strong and we’ve won some exciting projects together”
"Redscan gave us the professional service and quick turnaround that we needed to meet our tight deadlines."
“Redscan has given us a third party stamp of approval for our IT security and the reassurance to know we are as secure as possible.”
Recent research indicates that the cyber security skills shortage is now approaching 3 million professionals globally. This blog examines the statistics and explains how, by outsourcing security …