Cyber Security and Manufacturing: Discussing Risk, Drivers, and Consequences

When we imagine factories nowadays, no one pictures workers individually putting parts together on a ramp. What we picture now are machines assembling parts into products. Whilst we have discussed on our blog the innovation and advancements occurring in the manufacturing and industrial sector, particularly industry 4.0, we have not discussed the issues as a consequence of new technology.

Automating manufacturing is obviously a benefit to manufacturing and increases efficiency, but this can leave manufacturers prone to cybersecurity risk. MAKEUK recently release a report in collaboration with BlackBerry discussing the connection between cyber security and manufacturing. According to the report, “nearly half of the UK’s manufacturers (42%) have been a victim of cyber-crime over the last 12 months, but the majority (74%) said that the cyber protection processes they had in place prevented any business impact whatsoever”. This has resulted in manufacturers sustaining financial losses ranging from £50k to £250k.

The Problem of Cyber Security

There is a correlation between the size of a company and its cyber security systems. When broken down to size, larger companies (1000+ employees) know the importance and are implementing cyber security systems. Larger companies are more likely to have more interconnected technology, increasing their vulnerability to attack.

In terms of a corporate structure, 62% of all companies reported having a senior manager involved in a cyber security committee, 58% say that a main board director is responsible for the cyber security of the business, and 35% report to having a Chief Information Security officer.

In terms of geography, the regions they perceive a cyber security threat from are Russia, followed by China.

Risks and Barriers

The report discusses three main drivers of security attacks: (1) maintaining legacy systems (2) lack of cybersecurity skills (3) providing access to third parties.

The first risk is maintaining a legacy system. Smaller companies are most likely to implement a security systems and use it for the next 5-10 years. Whilst this was efficient at the time of installation, the system becomes defunct over time. The threat and technology for cyber security attacks is always evolving, if developers are not actively patching software, there are still likely exploits to be found in the future.

The second risk is lack of cyber security skills within staff. The lack of skills usually include emails containing malicious links, attachments or requests for information from imposters, and lastly, the most complex, is social engineering attacks.

Despite knowing the risks of this, 54% of companies have not taken any action even after adopting new technology. The only companies who invested in cyber protections were those that introduced systems from IoT.

The main barrier or cyber security system is the initial capital required to obtain these products. Implementing quality systems can be a large financial burden on companies, especially smaller ones. The second barrier is the maintenance of the security systems, which is usually time and cost. The third barrier is formal training to employees.

Drivers of Cyber Security Systems

So what is driving the cyber security market? It’s the technology, specifically IoT. IoT technology is more interconnected to the heart of manufacturing production, which makes it so operationally critical. Companies are more likely to protect this.

Cyber Security Market

In all, the report did a great job highlighting the problem, risks, and drivers of cyber security in the manufacturing and industrial sector. As the sector moves towards digitisation and automation, it will have no choice but to take the issue of cyber security more seriously. The alternative will be to lose competitiveness in a fast-paced world, especially if there is financial loss.

Data theft and malware are the common threats, which range from Cybercriminals are using a range of from old school phishing to more sophisticated malware – to gain entry for industrial espionage, data and patent theft. Legacy systems will not be enough and eventually companies will have to invest just as much into obtaining and maintaining cyber security compared to advancing their technology.

This create a huge market for cyber security in the software and technology market. According to Grandview Research, the global cyber security market was valued at USD 202.72 billion in 2022 and is projected to expand at a compound annual growth rate (CAGR) of 12.3% from 2023 to 2030. Not just the manufacturing and industrial sector, but other areas of the economy, such as emergence of e-commerce platforms, deployment of cloud solutions, and proliferation of smart devices are some of the factors driving the growth of the market.

If most companies do not adapt their systems, several organizations will incur significant losses in terms of revenue, brand reputation, unplanned workforce reduction, and business disruptions due to data breaches.

Whilst we all have a phishing email in our inbox, it will be important to understand the implication of what cyber security is, especially if it will affect all sectors of the industry as we move towards a digital world.

If you want to get in touch about anything cyber security related, don’t hesitate to do so. With the rapid demand in this space, this could be a good time to explore your options for raising funding or securing a valuable exit. Like always, if you have any interest, please reach out!

By Anusheh Khan on 25/01/2023