According to the EFF, the manufacturing sector is now the UK’s third most heavily targeted industry by cybercriminals. Despite this, organisations within the sector are among the least well prepared to defend themselves.
Security maturity levels in the manufacturing sector vary and almost half of UK manufacturers report that they have fallen victim to cyber-attacks, with many more incidents likely going undetected.
Common cyber security challenges in the manufacturing industry include:
• Reversing an industry-wide lack of security awareness
• Combatting industrial espionage and operational disruption
• Protecting sensitive data, capital and intellectual property
• Managing security in the era of Smart Manufacturing and Industry 4.0
• Mitigating cyber security risks across the supply chain
• Identifying and eliminating Industrial Control System (ICS) vulnerabilities
Although there are no industry specific standards governing cyber security in manufacturing, a number of far reaching standards have a direct impact on organisations operating in areas such as food and drink, textiles, automotive and engineering.
The General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA), require all organisations that process personal data to ensure it is protected against unauthorised processing, accidental loss and destruction. Breaches must also be reported to a relevant authority within 72 hours, and non-compliance could lead to heavy regulatory sanctions.
€20 million or 4% of global turnover (whichever is greater)
The maximum GDPR penalty for a cyber security breach.
The importance of quality control in manufacturing means that ISO 9001 is also of particular relevance. Supply chain management is an important part of the certification process, requiring manufacturers to make efforts to verify the security of their suppliers and partners in order to minimise cybersecurity risks.
Functioning as an extension of in-house IT resources, ThreatDetect™ is an award-winning MDR service supplying the capabilities needed to monitor, hunt for and remediate cyber-attacks and breaches 24/7.
Experience a real-world cyber-attack simulation to identify the weaknesses an attacker could exploit, quantify the value of data that could be exfiltrated and assess the effectiveness of security investments.
Our CREST-approved, fully customisable pen test engagements enable you to identify vulnerabilities and exposures in your infrastructure, applications, people and processes in order to reduce security risk.
“I can offer a higher level of assurance at board level about our information security now. Redscan gives us a broader lens on a complex and changing environment.”
“We’ve established a successful partnership with Redscan – their market leading cyber security offering is strong and we’ve won some exciting projects together”
"Redscan’s hands on approach identified security flaws that had previously been overlooked by other vendors"
"Redscan's cost effective service gives us peace of mind that we are doing all we can to protect our clients, our business, our staff, our counterparties and other partners"
“Redscan has given us a third party stamp of approval for our IT security and the reassurance to know we are as secure as possible.”
An increasing number of businesses are leveraging SOAR to improve the effectiveness of their cyber security operations. In this latest blog, we explain how unlocking the value of …
Aware of his responsibility to protect his business against breaches, the CEO of an international trading organisation commissioned Redscan’s Red Team to perform a simulated cyber-attack.