By Tanya Arturi, Digital, Tech & Cyber Development Lead, GM Business Growth Hub
Could you afford to lose £330,000 to get your business back from hackers?
Manufacturing remains the top-targeted industry in IBM’s 2025 incident response dataset, and the European Union Agency for Cybersecurity (ENISA) assesses cybercrime as the primary threat to the EU manufacturing sector. Government-commissioned research published in late 2025 estimated the average cost of a significant cyber attack to a UK business at almost £195,000, and the manufacturing-sector average for a significant attack at roughly £330,000.
Manufacturers are exposed to both information technology and operational risks, and attackers usually do not need bespoke industrial malware to cause serious operational harm. The most common paths are stolen credentials, exploited internet-facing systems, weak remote access, and third-party compromise. Once inside, attackers can encrypt file shares, disrupt ERP/MES/engineering workflows, exfiltrate sensitive drawings and commercial data, and force plant downtime even if Programmable Logic Controllers (PLCs) or safety systems are never directly tampered with.
On top of this, recent government data suggests that over half of UK businesses have suffered a major security breach via an external partner. For manufacturers operating just-in-time, even a short disruption at one small supplier can halt entire production lines for weeks, as high-profile cases like the Jaguar Land Rover shutdown have shown.
Unfortunately, many still treat cyber as a discretionary overhead.
Three key realities stand out for UK manufacturing:
- Smaller suppliers are prime targets. They’re less resourced and more vulnerable but still have trusted access.
- Old operational systems remain exposed. Many factory-floor machines were never designed to be connected to a network.
- Human error is still the top cause. Phishing scams account for around 85% of all successful cyber attacks, often disguised as invoices or shipping notifications.
Cyber attacks have severe ripple effects across manufacturing networks. When a major client is hit, smaller suppliers can suddenly lose payments, orders, and cash flow - pushing some to the brink of collapse. With cyber insurance becoming harder to secure unless businesses can prove strong internal controls and supplier oversight, and with regulators increasingly investigating supplier-related breaches, manufacturers now face a complex web of legal, financial, and reputational risks.
Below are the most common cyber threats aimed at manufacturing companies:
| Threat | Why it matters most to SME Manufacturers | Typical route |
|---|---|---|
| Ransomware and extortion | Fastest route to lost production, delayed shipments, and cash flow stress | Phishing, exposed services, vulnerable edge devices, stolen credentials, third-party compromise |
| Phishing and business email compromise | Still the most common entry path; can lead to credential theft, malware, invoice fraud, and lateral movement | Email lures, fake portals, impersonation, QR phishing, MFA-bypass kits |
| Supply chain compromise | Manufacturers depend on MSPs, machine vendors, logistics platforms and shared engineering data | Compromised suppliers, abused vendor access, tainted software, poor supplier assurance |
| IP theft and espionage | Drawings, formulas, toolpaths, quotes, defence/automotive data and customer specs are monetisable and strategically valuable | Targeted intrusion, stolen credentials, web app compromise, partner access |
| OT/ICS disruption | Even where attackers cannot reprogramme control logic, they can disrupt production by affecting supporting systems, gateways or OT-adjacent services | Vendor remote access, flat networks, vulnerable remote access gateways, maintenance laptops, weak segmentation |
| Insider misuse and errors | SMEs often rely on shared roles, broad privileges and trust-based processes; accidental actions can be as costly as malice | Privilege misuse, weak joiner/leaver controls, unmanaged break-glass access, poor oversight of contractors |
Verizon’s 2025 manufacturing snapshot reports that more than 90% of cyber security breaches stem from system intrusion, social engineering and basic web application attacks.
Where to Start: Building a Cyber-Resilient Supply Chain
You don’t need a massive budget to make meaningful progress. The key is to start small, focus on the essentials, and build up over time. Here are the top actions SME manufacturers should take now:
- Treat supplier security as a business continuity priority (not just an IT task). Discuss the top supplier risks at least quarterly and tie them to production and financial exposure.
- Identify your most critical suppliers whose failure would stop production. Focus risk resources on this small subset first before expanding outward.
- Implement access controls and continuous authentication for all external partners. No connection (not even from a trusted supplier) should go unchecked.
- Include clear cyber security standards in contracts (such as Cyber Essentials Plus or ISO 27001) and ask for evidence annually.
- Ensure your factory control systems are segmented from your corporate network. If a supplier’s email system is hacked, it shouldn’t affect your production line.
- Ask vendors for a Software Bill of Materials (SBOM) - a full list of software components - to respond faster if new global vulnerabilities emerge.
- Move beyond annual training. Short, scenario-based exercises help staff recognise phishing attempts and respond calmly during real incidents.
- Simulate an attack with your key partners to test technical recovery, communications, and financial continuity. Practise how you would operate if your main supplier went offline tomorrow.
From a legal and assurance perspective, the sensible route is risk-led compliance, not document-led theatre. In the UK, the practical baseline is:
The Way Forward
Cyber attacks are now part of the modern industrial landscape - but they don’t have to paralyse your business. Strengthening your defences, demanding higher security standards from partners, and embedding cyber resilience into everyday operations are now essential to compete and grow. Collectively, the UK manufacturing sector has the expertise and innovation to stay ahead, but only if it treats cyber security as seriously as safety, quality, and productivity.
Manufacturers can also join our upcoming interactive cyber workshop this June. Led by the North West Cyber Resilience Centre (NWCRC), it will cover the latest threats facing the sector and practical steps to strengthen your defences, alongside engaging activities designed to bring real-world risks to life. More details coming soon.
Want to learn more or get support developing your cyber resilience plan? Contact our specialist cyber and manufacturing advisors to explore tailored guidance for your sector.