Cybersecurity vulnerabilities in manufacturing are escalating due to rapid digitization
Manufacturers are moving fast. They’re adopting AI, machine learning, and cloud platforms to build faster, more cost-efficient operations. That’s progress. But there’s a serious trade-off happening quietly, cybersecurity.
Today’s production plants are running systems that weren’t built for this. These environments were designed years ago for performance, not connectivity. No one thought they’d later be plugged into global cloud networks or fed by real-time AI models. Now, companies are overlaying new tech on legacy infrastructure. It works, until it doesn’t. When systems that were never designed to be exposed online are suddenly accessible across networks, they become easy entry points for attackers with a clear target.
The result is rising risk. The IBM X-Force Threat Intelligence Report for 2025 makes it clear: for four years straight, manufacturing has been the most-targeted industry by cybercriminals. Attackers look for the path of least resistance. Right now, they’re finding it in manufacturing.
According to the 2025 Deloitte Smart Manufacturing Survey, 57% of executives at large U.S. manufacturers are already running operations in the cloud. Around 29% are using AI or machine learning at the facility or network level. This is real traction. And it’s good. But when this kind of digital acceleration outpaces investment in cybersecurity, it’s not a question of if setbacks will happen, it’s when and how much they’ll cost.
Look at Jaguar Land Rover. In August, they suffered a cyberattack that shut down production for a month. Around $260 million went into cybersecurity response efforts. Add another $650 million in losses from halted output and related disruptions. That’s a warning to all of us: digitization without security isn’t sustainable.
Nick Nolen, VP of cybersecurity strategy at Redpoint Cyber, put it directly, the real risk is the rush to modernize without secured foundations. You’re adding connectivity to systems that were never designed to be exposed. That’s the gap attackers are exploiting.
Todd Moore, VP of encryption at Thales, added that historically, manufacturers didn’t even think about cybersecurity. These systems were optimized for speed and output, not protection. That model doesn’t fly anymore.
The point is simple. If you’re going digital, and you should be, you need cybersecurity built in at every step. Not as an afterthought. Not bolted on. Integrated from day one. That’s how you protect the gains you’ve worked for.
The inherent complexity of modern manufacturing networks expands potential cyberattack surfaces
Manufacturing has evolved fast. Today’s operations are high-tech ecosystems. You’ve got third-party vendors, connected machines on the floor, software from multiple suppliers, and data flowing between systems nonstop. All of that is necessary to compete. But every single one of those connections is a potential entry point for cyberattacks. More complexity means more risk, unless you’re actively managing it at every layer.
Cybercriminals aren’t targeting only central servers. They’re going after the weakest link. That’s often a less-protected device, an outdated supplier tool, or a shadow process nobody’s monitoring. Once they’re in, even through a relatively small breach, they move fast across internal systems, hunting for high-value assets like production designs, schedules, and cloud-connected devices. Nick Nolen, VP at Redpoint Cyber, said it clearly: when you have layered connectivity and minimal visibility into who’s touching what, that’s where attackers gain momentum.
This kind of exposure isn’t hypothetical. It’s happening more now because manufacturing has become one of the world’s most connected sectors. And attackers know it. That’s why, according to the 2025 IBM X-Force Threat Intelligence Report, manufacturing has been the top target for cybercriminals four years running. Black Kite’s 2025 Manufacturing Report confirms the same trend.
Executive teams need to recognize how data and systems interact across production, supply chain, and business units. It’s not just about IT security anymore, it’s about operational tech, vendor relationships, and real-time decision systems that are increasingly interlinked. You cannot ignore the structure itself. If the architecture isn’t designed for secure integration, even high investment in cybersecurity tools won’t close all the gaps.
The Deloitte 2025 Smart Manufacturing Survey shows that nearly 60% of U.S. manufacturers are cloud-enabled. That means sensitive information is being exchanged continuously, within the company and with third parties. Every point of exchange increases the attack surface. Without clear protocols, governance, and network-level defense, you’re basically operating with blind spots across core operations.
This isn’t about slowing down. It’s about scaling with frameworks that prioritize security as much as uptime and cost efficiency. C-suite leaders need to ask not just “Can this scale?” but also “Is this secure at scale?” because the threat landscape is expanding just as fast as the technology.
Inadequate security governance and oversight over AI and cloud tools amplify cyber risks
Manufacturers are integrating AI and cloud platforms fast, but oversight isn’t keeping up. A lot of that tech is being used informally, often without coordination with the IT or security teams. That’s a problem. When AI tools process sensitive design files or production data, and no one knows where that data’s going or how long it’s stored, you’re not just innovating, you’re exposing.
Ferhat Dikbiyik, Chief Research and Intelligence Officer at Black Kite, pointed this out clearly. Many manufacturers don’t even know which vendors have backend access to critical systems, or how those tools connect back to their operational technology. The result is an expanding grey zone, where data handling, permissions, and accountability are unclear or missing altogether. From a cybersecurity standpoint, that’s not manageable.
The bigger the cloud environment, the harder it becomes to monitor where AI services are being applied. Employees across supply chains and production units might upload files or run generative models without flagging the activity. That leaves companies blind to what’s being fed into third-party systems or where their proprietary data ends up. As Nick Nolen of Redpoint Cyber said, before uploading anything, companies need to ask: Where is this data going? Who can access it? Is it being used to train external models?
These are baseline questions. But too few companies have enforceable policies in place to address them. There’s often no formal review process or rules around how sensitive files, like CAD models or process blueprints, should be shared with cloud tools. That means companies are trusting critical information to systems they don’t fully control, managed by vendors they don’t always vet deeply.
C-suite leaders should take this seriously. Without strong internal governance, it becomes impossible to enforce boundaries around data usage. That’s what attackers count on. Unsecured AI pipelines and undocumented vendor workflows offer low-effort entry points into high-value environments. Getting visibility here isn’t optional, it’s critical infrastructure, just as important as the software or the physical assets powering production.
Regaining control starts with visibility: understanding who has access, what gets uploaded, and how it’s used. Then security teams can set real boundaries, around data classification, vendor protocols, and AI use, before damage is done. Otherwise, tech adoption gets ahead of security capability, and that’s where risks multiply.
Proactive cybersecurity measures such as encryption and rigorous data classification are critical
As digitization accelerates, manufacturers can’t wait until after an incident to tighten security. The smart move is to treat information as a strategic asset, classified, protected, and encrypted by default. That’s not just about compliance. It’s about controlling risk in a data-driven environment.
Start with classification. Not all data carries the same sensitivity. Some documents, like design files, supplier contracts, or product configurations, require maximum protection. Others don’t. But unless you’ve mapped that out, it’s impossible to enforce policy at scale. Data classification means knowing what you have, what it’s worth, and what level of security it needs.
Once classified, encrypt the sensitive layers, at rest, in transit, end-to-end. This removes assumptions from the equation. If bad actors gain access, encrypted data doesn’t give them a usable outcome. Todd Moore, VP of Encryption at Thales, emphasized that building encryption into your architecture should start with a thorough review of risk exposure across cloud, on-prem, and hybrid environments. That way, organizations can focus their defenses on the assets that matter most.
This also applies to AI. Kevin Albano, Global Head of X-Force Threat Intelligence at IBM, explained that companies should treat AI datasets used in manufacturing, including predictive models and training inputs, as high-value targets. That means securing personally identifiable information (PII), managing access keys tightly, and safeguarding proprietary data sets that are being developed or shared within AI ecosystems.
Leadership teams shouldn’t task this to IT alone. This is operational risk at the business level. When you don’t classify or encrypt data properly, it’s not just a technical exposure, it’s a competitive risk. IP can be lost, production schedules leaked, or supply chain partners disrupted. That’s not theory, it’s fact, backed by repeated incidents in the industry.
C-suite executives who want performance and security at the same time need clear frameworks for data protection embedded into the process. Encryption and classification aren’t just tools; they’re structures that support growth without sacrificing control or resilience. Waiting for regulations or a breach is a reactive stance. Leading companies aren’t waiting. They’re acting now, by building secure digital environments that scale with precision.
Main highlights
- Escalating cyber risk due to rapid digitization: Manufacturers moving fast into AI and cloud must address legacy systems not built for security. Leaders should invest in security frameworks as early as possible to avoid high-cost breaches and operational shutdowns.
- Expanding attack surface through system complexity: Interconnected production networks create more entry points for attacks. Executives should assess dependencies across vendors, machines, and internal systems to reinforce security across all layers.
- Lack of governance in AI and cloud tool usage: Informal use of AI and unclear vendor practices are introducing blind spots. Leadership should implement clear oversight, approval flows, and vendor accountability for all AI and cloud applications handling company data.
- Need for proactive data protection strategies: Without consistent data classification and encryption, sensitive assets are left exposed. Leaders should mandate end-to-end encryption and risk-based data classification to secure high-value information across cloud and hybrid environments.
