A new report reveals that cybersecurity has cemented its place among the top three external risks facing the manufacturing sector, ranking alongside long-standing concerns like inflation and economic growth. This finding underscores a significant shift in how manufacturers view and prioritize digital threats, recognizing them as a core business challenge rather than just an IT issue.
The report, which surveyed over 1,500 manufacturing leaders across 17 countries, highlights the growing sophistication of cyber adversaries and the increasing convergence of Information Technology (IT) and Operational Technology (OT) systems. This fusion, while enabling “smart factory” efficiencies, has vastly expanded the attack surface, making critical production systems more vulnerable to disruption. A separate report from Dragos found that manufacturers were the most affected industrial sector for ransomware attacks in the second quarter of this year, representing two-thirds of all incidents.
Ransomware, in particular, poses a severe and escalating threat. Attacks on manufacturers can cripple production lines for days or even weeks, leading to significant financial losses and supply chain disruptions. The 2021 Colonial Pipeline and 2023 Clorox attacks serve as stark reminders of how a single cyber incident can cascade into serious, multi-billion-dollar consequences.
To combat this rising tide of threats, manufacturers are beginning to take proactive measures. More than half of the surveyed companies identified securing their OT assets as a primary factor in their technology investments. The report also found a strong push toward adopting advanced security tools, with over 60% of cyber and IT professionals at manufacturing companies planning to use AI and machine learning to improve their security posture within the next year.
While progress is being made, the challenge remains significant. The manufacturing supply chain, with its complex network of vendors and partners, presents a broad and often vulnerable attack vector. Experts stress that building cyber resilience requires a comprehensive approach, including securing the entire ecosystem and fostering a culture of security awareness from the factory floor to the boardroom.
