As a global manufacturer of hydraulic systems supporting the earthmoving, construction, and agricultural sectors, this company has sites across the world with UK employees and over 300 globally. They had standard IT defences in place but no advanced cyber security solutions at the time of the incident.
In Q4 2023, the business experienced a targeted ransomware attack triggered by a phishing email. There had been no cyber awareness training, which meant that the nature of the email wasn’t spotted before login details were stolen. The breach was immediately noticed when ransom messages began printing across all network-connected printers worldwide – a clear sign of a well-planned and significant breach.
The business came to a standstill and all users were offline for approximately 24 hours while investigations were carried out. The organisation faced 5 to 7 days of severe disruption before beginning to return to business as usual.
Xperience’s Security Operations Centre (SOC) responded immediately by isolating the affected user groups, securing the servers, and locking down administration access to prevent further escalation. Root cause analysis began right away, in parallel with work on fixes for the breach.
The SOC and Service Support teams worked closely with the client’s internal team and the insurance-appointed incident response specialists. Throughout the process, the Xperience Account Manager maintained consistent communication, keeping the client updated and informed at every step.
Following containment and initial recovery, the business undertook a full Baseline Penetration Test to gain a better understanding of its overall cyber security position. The results informed a strategic technology roadmap to guide remediation efforts and future improvements.
The client also started updating all its policies and procedures to meet Cyber Essentials Plus standards, driving stronger group-wide awareness of cyber threats and training all users to recognise and respond to potential risks.
While the breach caused significant short-term disruption, the quick response and collaborative approach limited the long-term damage. The company came out of the breach with a stronger, more informed approach to cyber security – shifting from basic protections to a proactive, best-practice-aligned policy.
Cyber awareness training and the adoption of Cyber Essentials Plus are already underway across the group. This investment in people, process, and protection signals a long-term commitment to building cyber resilience and reducing the risk of future attacks.