SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
United Kingdom
Flux result 4a8b511c 9850 4b28 8f90 f3b8fc016178
#
DR
#
Ransomware
#
Endpoint Protection

UK manufacturers hit by cyber attacks, survey finds

Wed, 1st Apr 2026
Author image
By Shannon Williams, News Editor

Cyber incidents affected 78% of UK manufacturers in the past 12 months, according to research commissioned by ESET. More than half of those hit, 53%, reported lost revenue.

The findings, based on a poll of 500 senior decision-makers in manufacturing, suggest widespread operational disruption across the sector rather than isolated IT failures. Among manufacturers that suffered an incident, 95% reported a direct business impact.

Shutdowns were common. Three quarters of manufacturers said a cyber attack had caused a full or partial shutdown lasting at least one day. Of those, 56% reported downtime of one to three days, while 19% said outages lasted four to seven days.

Financial damage also featured heavily. More than half of the most serious manufacturing cyber incidents recorded in the past year led to losses of at least GBP £250,000, while 53% of respondents said incidents had reduced revenue.

Beyond production stoppages, the survey found knock-on effects across supply chains and customer relationships. Some 44% of respondents reported supply chain disruption, and 39% said they had missed customer or supplier commitments.

The figures follow disruption caused by the cyber attack on Jaguar Land Rover, which ESET said cost the UK economy an estimated GBP £1.9 billion. The company argued the incident showed how cyber disruption in manufacturing can spread beyond a single business and continue after systems are restored.

Board Gap

Despite the scale of the issue, responsibility for cyber risk remains outside the boardroom in many companies. Only 22% of manufacturers assign accountability for cybersecurity to board or executive leadership, while 55% place primary ownership with IT teams.

That split appears to influence spending decisions. Among manufacturers with a cybersecurity budget, 63% said preventive measures were more cost-effective, yet 21% still favoured a reactive approach.

The survey also pointed to limited visibility over operational risks. One in five respondents said they had limited or no visibility into cybersecurity threats that could disrupt production, suggesting some manufacturers remain exposed through weaknesses in industrial and operational systems.

Threat Shift

Respondents also said the threat picture is changing. AI-enabled attacks were cited by 46% as a potential threat to production over the next 12 months, ahead of phishing at 42%, ransomware at 40% and unauthorised system access at 38%.

The prominence of AI-related threats reflects broader concern that automation is making malicious activity easier to scale and harder to detect. In manufacturing, where production environments often combine older operational technology with newer connected systems, that concern can quickly translate into plant shutdowns and delivery delays.

Matt Knell, UK Country Manager at ESET, said the findings showed companies were still struggling to treat cyber risk as a core business issue rather than a technical problem.

"If the JLR attack showed us anything, it is how quickly a cyber incident can shut down production at scale and have major consequences for the business and the wider economy," Knell said.

"The real challenge is that many organisations still treat cybersecurity as an IT issue rather than a strategic business decision. When it sits outside the boardroom, it is harder to prioritise appropriately.

"What is striking is that many organisations still see reactive approaches as more economical, despite the evidence to the contrary. With many major incidents resulting in six-figure losses and widespread operational disruption, the cost of reacting after the fact can be significant. By contrast, investing in advanced endpoint protection and managed detection and response services can provide continuous, 24/7 monitoring and access to specialist expertise, helping organisations stay ahead of evolving threats even when internal teams are stretched. In that context, the idea that prevention is too expensive simply does not stand up.

"The organisations that get ahead of this will be the ones that treat cybersecurity as a core part of how they run the business, not just something for IT to manage."

Related stories
Automotive microcontroller market set to hit USD $15.1bn
Vodafone & Google Cloud launch AI & security tools
Locai Labs deploys AI coding assistant at First Light Fusion
BlackBox Hosting partners Everpure for sovereign cloud
Infosecurity Europe adds AI summit amid cyber defence shift

Top stories

AI tools widen cyber attack threat, Flashpoint warns
AI flaws & supply-chain risks top new pentesting report
Exclusive: Google Cloud on the road to autonomous SecOps
Zapier expands AI governance controls for enterprise users
Avatier launches offline card after Stryker cyberattack