ESET says cyber incidents are now a routine operating risk for UK manufacturers, with 78% reporting at least one incident in the past 12 months and 53% saying attacks led directly to lost revenue. More than half said their biggest incident in that period cost at least £250,000, a sign that cyber disruption is being felt on factory performance as much as on IT systems.
The operational effects run well beyond a single breach. ESET’s survey found 95% of affected manufacturers experienced a direct business impact, with 44% reporting supply chain disruption and 39% missing customer or supplier commitments. Among those that suffered a full or partial shutdown, 77% said downtime lasted between one and seven days, including 19% that were offline for four to seven days.
The findings land after the 2025 cyber attack on Jaguar Land Rover, which was estimated to have inflicted a £1.9 billion hit on the UK economy and exposed how quickly disruption at one manufacturer can cascade through suppliers, transport, and production schedules. They also sit against a broader rise in serious incidents: the National Cyber Security Centre said it handled 204 nationally significant attacks in the year to August 2025, up sharply from 89 the year before.
Matt Knell, UK country manager at ESET, said: “If the JLR attack showed us anything, it’s how quickly a cyber incident can shut down production at scale and have major consequences for the business and the wider economy.”
The company’s research suggests manufacturers are still struggling to match governance to the scale of that risk. One in five respondents said they had limited or no visibility into cyber threats that could disrupt production, while AI-enabled attacks were cited as the leading concern for the next 12 months, ahead of phishing, ransomware, and unauthorised access. Yet only 22% of businesses place accountability at board or executive level, with responsibility still sitting primarily in IT.
That gap already looks wider in manufacturing than across the wider economy. Government survey data for 2025 found 20% of businesses experienced at least one cyber crime in the past year, rising to 52% among large businesses, which leaves manufacturing’s 78% figure looking less like background noise and more like a sector warning. Knell said: “The organisations that get ahead of this will be the ones that treat cybersecurity as a core part of how they run the business, not just something for IT to manage.”
