The Industrial Cybersecurity Center in United Kingdom


Maite Carli García

Maite Carli is Communication Manager and General European Coordinator at the Industrial Cybersecurity Center. Specialized in administration of networks and communications, industrial critical infrastructures, industry 4.0, data analysis technologies in the Health sector and industrial cybersecurity, having done several advanced courses and a master. She has developed her professional career in the United Kingdom for […]

Luciano Manfredi

Luciano is UK Coordinator at the Industrial Cybersecurity Center. He currently works as Director of Cybersecurity at Price Waterhouse Coopers (PwC) after completing his role as Head of Cyber ​​Security Advisory (Competent Authority) at the Office of Gas and Electricity Markets (Ofgem), the UK energy regulator. His role focuses on the critical infrastructure market with […]

Dr. John McCarthy

Dr. John McCarthy is an authority on CyberSecurity strategy, development and implementation. John is also a leading expert on social engineering awareness training and best practice. He holds a PhD in CyberSecurity and e-Business Development and is an internationally recognized author of a number of academic papers discussing all aspects of CyberSecurity in the modern […]

Dr. John McCarthy and Luciano Manfredi, the Industrial Cibersecurity Center Coordinators in United Kingdom (CCI Coordinators Team), helps us to get in context of the state of the industrial cybersecurity in their country, and to do so, they share with us their impressions.

They describe the level of sensitivity of industrial organizations in their country according to the following percentages:

They also affirm that the trend of recent years has exponentially grown.

United Kingdom counts with local and national public bodies promoting an adequate legal framework, in order to ensure the progressive incorporation of industrial cybersecurity measures in national presence companies (mainly critical infrastructure). The main organizations are:

  • CNPI
  • Local governemnt
  • National Cyber Security Centre
  • Department for Digital, Culture, Media and Sport (NIS Regulations)
  • Department for Buisness, Energy and Industrial Strategy, Ofgem+H&S
  • Ofcom / Defra / Ofwat / Office for Nuclear Regulation (ONR)
  • Civil Aviation Authority

Among the main national laws and regulations affecting in this context in United Kingdom, Dr. John McCarthy and Luciano Manfredi mentioned:

  • Computer Misuse Act
  • Network and Information Security Regulations 2018 (NIS Regulations)
  • General Data Protection Regulation (GDPR)
  • Communications Act 2003
  • Privacy and Electronic Communications (EC Directive) Regulations 2003

Analysing the most widely adopted industrial cybersecurity measures by United Kingdom's organizations to protect industrial automation systems, Dr. John McCarthy and Luciano Manfredi highlight the application of:

  • Industrial cybersecurity consulting / advisory
  • Internal security audits
  • External security audits
  • Network design and architectures, Development of continuity and / or contingency plans, Backups
  • Compensating controls / Hardening (mostly for legacy systems)
  • SIEM (Security information and event management)

The CCI Coordinators in United Kingdom characterize the industrial cybersecurity situation in their country with the following SWOT analysis:


  • Lack of operational technologies certifications, processes and professionals

  • Legacy infrastructure


  • Public organizations driven force (industry, national issues and defence).

  • Awareness, especially regarding industrial critical infrastructures

  • Increase of Industrial cyber security trained professionals


  • Shortage of specific industrial cybersecurity risk management tools

  • Application of IT security measures without discretion

  • High development of industrial applications without cybersecurity requirements


  • Increased of cibersecurity demand for Industry 4.0 and the Internet of things.

  • Strategic position in the industrial cyber security sector


2nd Annual Oil & Gas Security Summit – London – June 12 & 13

On 12 and 13 June, will take place in London this conference dedicated specifically to the study of techniques for the prevention and mitigation of threats to oil and gas facilities, both at sea and on land.

The Voice of the Industry of the United Kingdom 2023

As a fundamental part of its activity, the Industrial Cybersecurity Center (CCI) held The Voice of the Industry in London on the 8th of June (9:00 a.m. to 14:00 p.m. GMT +1), one of the benchmark events for the European market, and a meeting point and exchange of knowledge, experiences and relations of all the […]

XVI International Congress of experiences in Industrial Cybersecurity. Europe

As a fundamental part of its activity, the Industrial Cybersecurity Center (CCI) will hold its XVI Industrial Cybersecurity International Congress in Europe from September 28th to 30th (9:00 to 14:00 CEST), one of the benchmark events for the European market, and a meeting and exchange point of knowledge, experiences and relationships of all the actors […]

Patrocinadores del Centro en el País