According to the EFF, the manufacturing sector is now the UK’s third most heavily targeted industry by cybercriminals. Despite this, organisations within the sector are among the least well prepared to defend themselves.
Security maturity levels in the manufacturing sector vary and almost half of UK manufacturers report that they have fallen victim to cyber-attacks, with many more incidents likely going undetected.
Common cyber security challenges in the manufacturing industry include:
• Reversing an industry-wide lack of security awareness
• Combatting industrial espionage and operational disruption
• Protecting sensitive data, capital and intellectual property
• Managing security in the era of Smart Manufacturing and Industry 4.0
• Mitigating cyber security risks across the supply chain
• Identifying and eliminating Industrial Control System (ICS) vulnerabilities
Security questions manufacturers should be asking of their cyber security:
Although there are no industry specific standards governing cyber security in manufacturing, a number of far reaching standards have a direct impact on organisations operating in areas such as food and drink, textiles, automotive and engineering.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA), require all organisations that process personal data to ensure it is protected against unauthorised processing, accidental loss and destruction. Breaches must also be reported to a relevant authority within 72 hours, and non-compliance could lead to heavy regulatory sanctions.
€20 million or 4% of global turnover (whichever is greater)
The maximum GDPR penalty for a cyber security breach.
The importance of quality control in manufacturing means that ISO 9001 is also of particular relevance. Supply chain management is an important part of the certification process, requiring manufacturers to make efforts to verify the security of their suppliers and partners in order to minimise cybersecurity risks.
Redscan has extensive experience helping organisations across the manufacturing sector better understand their security risks, identify and eliminate vulnerabilities, proactively detect and respond to threats and achieve hassle-free regulatory compliance.
Functioning as an extension of in-house IT resources, ThreatDetect™ is an award-winning MDR service supplying the capabilities needed to monitor, hunt for and remediate cyber-attacks and breaches 24/7.
Experience a real-world cyber-attack simulation to identify the weaknesses an attacker could exploit, quantify the value of data that could be exfiltrated and assess the effectiveness of security investments.
Our CREST-approved, fully customisable pen test engagements enable you to identify vulnerabilities and exposures in your infrastructure, applications, people and processes in order to reduce security risk.
"Redscan gave us the professional service and quick turnaround that we needed to meet our tight deadlines."
"Should I need any security testing again in the future, Redscan would be my first port of call!"
“We’ve established a successful partnership with Redscan – their market leading cyber security offering is strong and we’ve won some exciting projects together”
"If you want a solution where someone will look after you 24/7 and give you a very flexible, professional and agile service – you want Redscan"
“Services like ThreatDetect are few and far between.”
In a crowded endpoint security market, it can be difficult to distinguish between technology offerings. With so many vendors claiming to provide comprehensive endpoint security, it’s essential …
Norsk Hydro, the multinational aluminium producer, has suffered a severe cyber-attack that has taken down IT systems and forced plants to resort to manual processes.
63% of driverless vehicle manufacturers leave at least half of their systems untested for cyber security vulnerabilities, recent research has revealed.
200 employees of poultry product manufacturer Bernard Matthews have had their bank account details and other personal data compromised by hackers.
The UK government has published a new voluntary Code of Practice to help improve the security of internet-connected devices such as smartwatches and toys.