New data from ESET shows that 78% of U.K. manufacturers experienced a cybersecurity incident in the last 12 months, while 52% of cyber incidents routinely resulted in six-figure financial losses. The findings also indicate that three out of four U.K. manufacturers experienced between one and seven days of downtime following cyber incidents, with 95% reporting business disruption as a result. This comes as the impact of these incidents is financial and operational. Over half of affected organizations reported costs above UK£250,000, with nearly one in five facing losses above £1 million. These costs typically include lost revenue during downtime, recovery and remediation expenses, including reputational damage, and third-party support and investigation costs.
Titled ‘ESET for Manufacturing: Simplified, Scalable, Secure,’ the report details that eight in ten manufacturing organizations experienced a cyber incident in the past year, making it clear that these events are no longer isolated but part of the day-to-day. At the same time, threats are becoming more advanced, with AI-enabled attacks now seen as the leading concern for the year ahead.
“Unlike many other sectors, cyber-attacks in manufacturing environments can directly interrupt physical operations, bringing production lines to a halt and disrupting the flow of goods,” ESET reported. “When operational technology systems are compromised, the impact is immediate and tangible with machinery being forced offline or processes halted. Even short periods of downtime can create a snowball affect putting contractual delivery commitments at risk, particularly in sectors reliant on continuous production or just-in-time supply chains.”
Beyond direct costs, cyber incidents lead to production downtime, missed commitments, and supply chain disruption. 95% of organizations reported business impacts, showing that cyber risk is heavily aligned with business risk in manufacturing. When considered alongside the high prevalence of cyber incidents, the case for robust cybersecurity risk management becomes clear as attacks are not only frequent but financially damaging.
“43% of respondents believe their organization is likely to experience a cyber-attack or breach within the next 12 months, rising to 51% among larger businesses, compared with 39% of smaller organizations,” according to the report. “This suggests that both current exposure and anticipated risk remain high. At the same time, the nature of cyber threats is evolving. With the rise of AI-enabled attacks, nearly half of organizations (46%) identify them as a key risk to production in the coming year, overtaking traditional threats such as phishing and ransomware. This indicates that more proactive and sophisticated security must be put in place to avoid heavy production delays and wider business loss.”
Based on a survey of 500 senior manufacturing decision-makers, the report underscores how cyber incidents are no longer isolated IT events but widespread operational risks, with more than half of affected organizations reporting lost revenue, alongside knock-on impacts including supply chain disruption and missed business commitments.
Recognizing key challenges that remain from limited visibility into emerging threats and an over-reliance on IT teams to manage cyber risk, highlighting gaps in organizational readiness, the ESET report sought to address these challenges. “Cybersecurity must be elevated to a board-level priority and rolled out across the organization. A more strategic, collaborative approach, supported by specialist expertise where needed, will be key. Ultimately, manufacturers that treat cybersecurity as part of their everyday, not just a technical function, will be in the strongest position to operate securely and stay competitive in an increasingly complex threat landscape.”
The report identified that production downtime remains significant, with 75% experiencing between one and seven days of disruption, including 56% reporting downtime lasting one to three days and 19% experiencing disruption lasting from four to seven days.
Business consequences extend well beyond the initial incident, as suppliers, logistics networks, and customers are all affected when production stops, allowing a single disruption to escalate into a broader operational and commercial issue. Cyber incidents also lead to wider organizational impacts, with 53% reporting lost revenue, 44% experiencing supply chain disruption, and 39% missing customer or supplier commitments, while more than a third face reputational damage. Notably, only 5% of organizations reported no business impact, reinforcing that cyber incidents almost always result in tangible consequences.
ESET reported that with 57% of budgets allocated to preventative measures and 63% of manufacturing organizations believing these measures offer better value, there is an evident trend between spending decisions and organizational mindset. This shows that there is a growing recognition that preventing cyber incidents is more cost-effective than responding to them, that cybersecurity is being treated as a long-term investment rather than just an operational expense, and that organizations are moving toward a more mature security posture.
“With nearly 78% of manufacturing organizations experiencing cyber incidents in the past year and many of these costing over £250,000, cybersecurity can no longer be treated as an operational issue,” ESET reported. “Responsibility should sit at board level to enable more proactive, strategic investment.”
Responsibility for managing cybersecurity risk is primarily assigned to IT teams, with 55% of organizations placing it under IT leadership. In contrast, only 22% assign this responsibility to board or executive leadership, while 21% place it within operations.
In conclusion, ESET recognized that the need for preventative and effective cybersecurity in the UK manufacturing sector is critical. With most organizations experiencing an incident each year and financial losses often reaching six or seven figures, manufacturers must move beyond viewing cybersecurity as a technical concern.
“The impact of cyber incidents goes beyond internal systems, with disruption to supply chains, delayed deliveries and missed revenue highlighting the wider business risk,” it added. “Resilience is now at the forefront of business priorities and cybersecurity should be treated as a business-critical issue requiring collaboration across IT, operations and senior leadership. Organizations that adopt this approach are far more likely to have business continuity in an increasingly complex threat landscape.”
In March, the U.K. National Cyber Security Centre (NCSC) urged organizations to review and strengthen their cybersecurity posture in response to the escalating conflict in the Middle East, warning that heightened geopolitical tensions can elevate the risk of retaliatory or opportunistic cyber activity affecting British networks. The ongoing conflict in the Middle East has not resulted in a significant increase in direct cyber threats from Iran to the U.K. at this stage. However, the rapidly evolving situation means that assessment could change with little warning.
