Cybersecurity in manufacturing: lessons from high profile attacks

Several recent high-profile cyber incidents affecting major UK brands have shone a spotlight on just how disruptive a cyber breach can be for manufacturers – not only for an organisation itself, but for its entire supply chain.

In some cases, attackers infiltrated core IT environments, leading to operational downtime and interruptions to production or service delivery. In others, breaches centred on customer-facing systems, exposing personal data and forcing businesses to suspend online services. There have also been incidents where compromise occurred through third-party providers or technology partners. In all instances, the consequences were far-reaching, with businesses across the supply chain experiencing disruption and financial losses.

The recent cyberattack on Jaguar Land Rover (JLR) in August 2025 is an example of this. JLR was forced to pause production for several weeks, dealer systems were intermittently unavailable, and suppliers faced cancelled or delayed orders amid uncertainty over future demand. As is often the case, the consequences didn’t stop at JLR’s doors: businesses across its supply chain suffered financial losses, and jobs were put at risk as companies took steps to remain viable.

Let’s take a closer look at some of the key lessons manufacturing businesses can take from these incidents to help better protect their operations from similar challenges.

1. Treat cybersecurity as a strategic priority

According to the National Cyber Security Centre (NCSC), in the year to August 2025, 429 cyber incidents were recorded, of which 204 were deemed “nationally significant”, more than double the figure for the previous year (89).

This increase in significant incidents is echoed by some of the businesses I speak to. Many manufacturers – large and small – have been targeted by cybercriminals over the past year, even where robust security controls were in place. In some cases, the entry point can be surprisingly basic, like a legacy system left connected to the network, creating an opening for attackers to exploit.

As cyberattacks continue to grow in sophistication, frequency and impact, the UK Government has been clear that cyber resilience must be treated as a strategic priority. In a letter[1] published in October 2025, it speaks directly to CEOs and boards, urging them to take collective action to protect not just their own organisations, but the wider UK economy – and pointing them towards government-backed guidance and resources to help do so.

2. Understand today’s cyberthreats

Being aware of the most prevalent and emerging cyber risks is key to being able to safeguard your business. Our in-house cyber security experts highlight the following as top threats for UK manufacturers:

• One of the biggest cyber risks facing businesses, often bringing operations to a standstill and causing serious reputational damage along the way.
• Hacktivism and state-linked attacks. These include politically motivated hacks, denial-of-service and disruption of critical infrastructure attacks, and financially driven activity linked to hostile states.
• Insider threats. Employees can accidentally or intentionally cause harm, whether by making mistakes, falling for scams, or acting maliciously for personal gain.
• Emerging technologies. New technologies are also being exploited by cybercriminals. For example, generative AI is increasingly being used to create convincing phishing emails and deepfakes to trick employees.
• Supply chain risks. Rather than targeting well-protected organisations, attackers often focus on their partners, exploiting interconnected supply chains, to access sensitive data, steal information, or demand ransoms., or use that access to reach other organisations in the network.

 

3. Put the right security measures in place

So, what can manufacturers do to protect themselves?

From what I’m seeing, most manufacturing businesses now treat cybersecurity as a regular Board-level agenda item – exactly where it needs to sit.

To energise the whole organisation around cyber priorities, leaders say it’s essential that they truly understand the possible threats, stay up to date on emerging risks, and commit to meaningful investment in robust security measures. It’s encouraging to see that, according to our latest Logistics Confidence Index[2],  50% of manufacturers are in fact planning to increase their investment in cybersecurity to protect their business.

From my conversations with clients, some of this investment is directed towards hiring cybersecurity experts to manage technical defences – from multi-factor authentication to up-to-date firewalls. This is a positive and necessary step. However, in many of the breaches I hear about, people are often the weakest link, so investing in regular training and awareness campaigns for staff is just as important.

Our experts say that using recognised frameworks and conducting external audits can help enhance defences. Schemes like the Government-backed Cyber Essentials certification can also provide a practical benchmark for safeguarding against the most common internet-based cyber threats.

4. Plan for operational resilience

Regardless of how strong your defences are, no business is completely immune to a breach. Several of our clients have highlighted the importance of being prepared, and the need to have clear plans and processes in place that allow you to keep production running where possible, minimise operational disruption and recover quickly.

This starts with understanding your critical business processes and how much they rely on IT systems, then developing strategies to keep operations running if those systems go down.

A well-prepared team can make all the difference between a minor disruption and a full production halt. That’s why regular training and exercises are essential. Shop-floor staff, engineers and IT teams need to know their roles in a crisis and be able to act confidently under pressure, turning plans into action when it matters most. By rehearsing scenarios in advance, manufacturers can reduce downtime, limit financial loss, and protect trust with customers, suppliers, and partners.

To further strengthen your organisation’s defences, you can catch up on our Fraud Webinar replays, where experts break down real world scenarios and share practical steps to prevent fraud. Be sure to look out for our next live fraud webinar and register your place to stay ahead of emerging threats. And for continuous learning, explore our Fraud Hub, where you’ll find clear guidance, tools, and resources to help protect your business year-round.

[1] https://assets.publishing.service.gov.uk/media/68ecf8c6e7b6794c076bbd7f/HMG_cyber_letter_to_FTSE_350_-_for_sharing.pdf

[2] https://www.barclayscorporate.com/insights/industry-expertise/uk-logistics-confidence-index/