Cyberattacks on manufacturers are rising, yet too many businesses remain unprepared. Industry leaders gathered to share strategies to defend against this growing threat.
Manufacturing is now the most targeted industry by cybercriminals, accounting for one in four cyberattacks worldwide. Ransomware – a type of malicious software or ‘malware’ that locks systems until a ransom is paid – is behind 70% of these breaches.
Why has manufacturing become such a target?
1. Legacy equipment running outdated software and protocols that aren’t receiving the latest security updates.
2. The explosion of sensors and connected devices creating countless potential entry points for hackers.
3. A gross underestimation of the threat, especially among SMEs, leaving many without a formalised cybersecurity strategy.
There is also a political dimension. Manufacturing is embedded in supply chains that underpin economic and national security – energy, defence, medicines, food and transport. This makes it a prime target for state-sponsored cyberattacks.
The UK’s cyber chief recently described the threat to the nation’s critical infrastructure as “enduring and significant”, blaming a rise of state-aligned groups, increasingly aggressive cyber activity and ongoing geopolitical tensions.
Worryingly, the line between criminal and political motivations is blurring, with reports suggesting that China, Russia, Iran and North Korea (CRINK) are progressively outsourcing attacks to hacking contractors, making threats more unpredictable and harder to trace.
The latest Made Masterminds roundtable, held in partnership with Made patrons Clarion and Wavenet, brought together industry leaders, IT specialists, legal advisors, researchers, finance providers and local government officials for an insight-packed discussion. What was shared laid bare the scale of the problem, alongside practical solutions to bolster resilience, protect critical supply chains and safeguard national security.
“It will never happen to Us”
A chronic underinvestment in cybersecurity has left many manufacturers without the resources, awareness and strategies to defend themselves. As one attendee observed; “Thieves don’t raid banks with sophisticated security systems, guards and vaults. They choose a more vulnerable target, like snatching a handbag or smartphone.”
This misplaced confidence that criminals only target large organisations leaves manufacturers dangerously exposed. One attendee described their ransomware attack triggered by a production line computer running a 25-year-old operating system. The breach resulted in stolen data, a lengthy police investigation and media scrutiny.
Reflecting on the experience, he noted; “You think you’re never going to be targeted and that hackers are just kids in hoodies who don’t know any better, but these are professional criminals holding your data ransom. We’ve spent the past year speaking to experts, mapping our IT estate and putting rigorous policies in place. But in our case, it’s very much shutting the stable door after the horse has bolted.”
Other speakers noted that manufacturers often react to breaches instead of preventing them. Addressing problems after the fact typically results in prolonged disruption, lost productivity and higher costs for recovery efforts. Additionally, a reactive approach often skips the vital step of post-incident analysis, meaning lessons from past breaches are rarely acted on to improve future defences.
The Threat Is Bigger Than You Think
The consensus was clear – manufacturers need to shift their perception of cyber risk urgently. “If you believe your chances of being hit are one in a million or even one in a thousand, cybersecurity will always be a low priority. Yet, the actual odds are one in four. That’s a very different risk profile and should make cybersecurity a permanent boardroom concern,” noted one IT expert.
Many companies, however, continue to prioritise traditional risks. One attendee highlighted the disparity; “Ask any manufacturer their biggest concern, and most will say fire, theft and flood, not cyberattack. In reality, the numbers tell a different story.”
There were around 2.4 million instances of cybercrime across all UK businesses in the last 12 months. If manufacturing accounts for one in four, that’s 600,000 attacks – a stark contrast to the fewer than 1,800 fires at industrial premises in the same period.
“Every business has extinguishers, fire marshals, designated meeting areas, regular drills and staff training. I wish the same could be said for cybersecurity. Manufacturers need to wake up before it’s too late,” concluded another attendee.
And the stakes couldn’t be higher. With 60% of businesses going bankrupt within a year of a breach, the reputational fallout can be devastating. Customers, suppliers, investors and employees are quick to lose trust in those that fail to protect their data – and once gone, trust is incredibly difficult to regain.
But even as manufacturers begin to take these threats seriously, the most significant vulnerabilities often lie within their own teams.
You Are The Weakest Link
Despite advances in security technology, people remain the most vulnerable point in any system. Phishing attacks, weak passwords and accidental data leaks are responsible for most breaches, with human error accounting for over 80% of successful cyberattacks.
All the firewalls and antivirus systems in the world become irrelevant if an employee clicks on a malicious link promising holiday deals during their lunch break. Cybercriminals rely on social engineering techniques that exploit human psychology, making it easier to bypass even the best technical defences. For example, phishing emails today are no longer the obvious scams of the past. They’re tailored, targeted and often indistinguishable from legitimate communications.
The explosion of interconnected devices has also introduced new risks, as illustrated by a now-infamous attack involving a Wi-Fi connected thermometer. A lone hacker sat in a Las Vegas casino lobby used an IoT-enabled fish tank sensor to gain access to the broader network. This seemingly innocuous device became the gateway for stealing almost $7m, all because it was overlooked in the organisation’s IT security planning.
The rise of supply chain attacks has added another layer of complexity. Hackers have begun infiltrating third-party vendors or service providers, gaining indirect access to a target’s systems.
Devastating breaches like the SolarWinds cyberattack – where hackers compromised legitimate software updates of the widely used IT management platform, gaining access to thousands of organisations, including government agencies and major corporations – show how even the most secure organisations can be compromised through their partners.
Education is crucial, attendees agreed. Manufacturers must invest in ongoing education programmes that go beyond annual compliance training. Employees need to understand how their actions impact the organisation’s overall security posture and learn to recognise subtle attack attempts.
Including cybersecurity training in onboarding processes is especially important, with new hires often targeted as they are less familiar with internal systems and policies. Establishing good habits and best practice from day one is critical to reducing risk.
Companies must also recognise that leadership sets the tone. If managers and executives dismiss cybersecurity as “IT’s responsibility,” employees will mirror that behaviour. A top-down commitment ensures the human element becomes a strength, not a liability.
Governance Has Become Non-Negotiable
A case study shared by Clarion highlighted the importance of proactive governance. When a manufacturer’s German parent company suffered a ransomware attack, the UK team struggled without clear communication and governance protocols. What followed was a high-stakes scramble to assess the damage, notify regulators and navigate complex legal procedures.
Under UK law, businesses must notify the Information Commissioner’s Office (ICO) within 72 hours if personal data is compromised. The ICO can impose fines of up to 4% of global turnover for serious breaches or 2% for administrative failings, such as inadequate documentation or governance.
The German arm of the business was also weighing whether to pay the ransom – a controversial decision with legal and ethical ramifications. Paying criminals to release stolen data could violate the Proceeds of Crime Act, which would require additional police clearance. Meanwhile, the company’s operations were paralysed, unable to process orders or access email.
“Most manufacturers run scenario planning for fires or power outages, but few consider what happens if their email systems are frozen or critical data is held hostage. Scenarios like these can be just as disruptive. Prepare to fail rather than fail and then scramble to fix. The legal, reputational and operational costs of inaction are simply too high.”
-default.jpg)
Know Your IT Estate
Mapping your IT infrastructure is foundational to cybersecurity. Without a clear and current map of your entire network, you cannot protect what you don’t know exists. Hidden vulnerabilities – like unpatched software, unused accounts or forgotten devices – are prime targets for attackers seeking the path of least resistance.
Manufacturers were advised to create a full inventory of every device, application and system connected to their network, including endpoints, employee and IoT devices, cloud-based services and even backups. Automated tools like network scanners can simplify this process, providing a snapshot of what’s connected. Be sure to also account for “Shadow IT”, i.e. unsanctioned tools or applications used by employees that create gaps in your defences.
Once done, each asset can be classified based on its role in your operation and its security status. Is the software up to date? Are the devices compliant with security policies? Are there any unpatched vulnerabilities or outdated configurations? Which devices communicate directly with critical systems? Where are the potential pathways attackers could exploit?
Remember, also, that an IT estate is dynamic, with new devices and software being added regularly. Continuous monitoring ensures you stay ahead of potential risks.
“Mapping your IT estate isn’t just about security – it’s also about efficiency,” said one attendee. “With a clear overview, you can better allocate resources, streamline maintenance tasks and ensure compliance with regulations. Additionally, this visibility supports faster incident response. When a threat arises, you’ll know exactly which systems are affected and how to isolate the problem, minimising downtime and damage.”
Zero Trust as Best Practice
Traditional cybersecurity models rely on the concept of a secure perimeter: keep the bad actors out, and everything inside is safe. However, the rise of remote work, cloud computing and increasingly sophisticated cyberattacks means the perimeter is effectively gone. Zero Trust is a model that shifts the focus from "trust but verify" to "never trust, always verify.”
Zero Trust treats every user, device and application attempting to access a system as potentially compromised, requiring strict access controls and constant verification. The principle of least-privilege access is central to this approach: users and devices are only given access to the specific resources they need. This segmentation minimises the potential damage any one user can cause, even if their credentials are compromised.
Before granting access, Zero Trust evaluates the security status of devices. Are they running the latest software updates? Do they have antivirus protection? If not, access is denied or limited to ensure unpatched vulnerabilities don’t become entry points.
Adopting Zero Trust may require an initial investment of time and resources, but the long-term benefits far outweigh the costs, an IT specialist said. As cyberattacks grow more sophisticated, this adaptive security model ensures that manufacturers can not only withstand breaches but also operate with confidence in an increasingly hostile digital world.
Building Resilience with the 3 Ps
A robust cybersecurity strategy doesn’t have to be costly, complicated or time-consuming. With the right approach, much of it can be handled internally, starting with the 3 Ps – People, Passwords and Patching. These pillars form the backbone of an effective defence, balancing security with operational efficiency.
People: The workforce is both your greatest asset and your first line of defence. A strong cybersecurity culture doesn’t require expensive tools – just consistent awareness. Regular, practical training can help employees recognise threats, adopt safe practices and understand their role in protecting the business. Cybersecurity should feel as natural and essential as health and safety training.
Passwords: Lengthy, multi-character and frequently updated passwords are a simple but vital safeguard. Yet, all too often, convenience trumps security – passwords taped to machines or unchanged for years are common pitfalls. A password manager is an easy solution, allowing manufacturers to generate and securely store unique, complex passwords. When staff leave or change roles, passwords can be updated quickly across systems, reducing risks and eliminating outdated log-ins.
Patching: Software updates exist for a reason – to close security gaps. Manufacturers frequently delay patches to avoid disrupting systems or production, but this doesn’t mean they should ignore them entirely. Options like isolating older equipment or investing in compatible IoT- controls can address vulnerability without halting operations.
“The 3 Ps are actionable steps any manufacturer can take. Cybersecurity doesn’t need to feel overwhelming or expensive – start today, act strategically and you’ll create a foundation that safeguards your business now and in the future.”
*Images courtesy of Freepik and Deposit Photos