UK manufacturers faced significant cybersecurity challenges last year, with 78% of firms reporting at least one cyber-related incident, according to a recent ESET survey of 500 senior decision-makers overseeing IT, operational technology (OT), operations, risk, or security. The findings indicate widespread sector exposure. Nearly all respondents (95%) cited operational impacts from incidents, and over half (53%) reported financial losses. Common operational consequences included supply chain interruptions (44%) and missed supplier or customer commitments (39%).
Background
Cybersecurity continues to escalate as a critical issue for manufacturing, especially as digitization and the convergence of OT and IT environments advance. Prior to this, around 42% of UK manufacturers experienced cyberattacks in 2022, with just over a quarter reporting financial losses of up to £250,000. The latest survey points to a substantial rise in both the frequency and severity of incidents. ESET's data places manufacturing among the most targeted industries, raising concerns about supply chain resilience and operational continuity.
Details
The survey, conducted in early 2026, found the majority of affected organizations reported downtime resulting from cyber intrusions. Of those experiencing full or partial shutdowns, 77% faced outages lasting one to seven days, and 56% experienced between one and three days of downtime. The threat environment is shifting toward more advanced attack vectors: 46% of respondents identified AI-enabled attacks as their top concern, followed by phishing (42%), ransomware (40%), and unauthorized system access (38%).
Gaps in governance and preparedness remain. Only 22% of organizations assign cybersecurity accountability at the board or executive level; most (55%) keep responsibility within the IT function. Additionally, 21% admitted to favoring reactive over proactive security strategies. Matt Knell, ESET UK country manager, noted that treating cybersecurity solely as an IT issue can hinder prioritization and lead to reactive, costly responses, especially as incidents frequently result in six-figure losses and significant disruption.
Outlook
The increase in cyber incidents may prompt UK manufacturers to recognize cybersecurity as a strategic concern that extends beyond IT. This shift could influence resilience strategies, incident response planning, and budgeting. Organizations involved in global supply chains are likely to focus more on supplier risk management and OT-specific vulnerabilities, with a growing emphasis on AI-related threats. Regulatory attention on critical infrastructure and supply chain security is expected to rise, reinforcing the need for elevated governance and proactive investment.
