Cyber attacks on manufacturers up globally

Estimated downtime cost individual firms up to US$2m.

  • Wednesday, 26th February 2025 Posted 1 month ago in by Phil Alsop

A global study by Omdia finds that 80% of manufacturing firms experienced a significant increase in overall security incidents or breaches last year, but only 45% are adequately prepared in their cyber security.

Omdia surveyed over 500 technology executives worldwide on the convergence of Information Technology (IT) and Operational Technology (OT) – or physical systems – in their core operations, and how they managed cyber security challenges. The report for the study was produced in partnership with Telstra International, the global arm of leading telecommunications and technology company Telstra.

The heightened risk of cyber attacks comes as manufacturers move to leverage IT such as cloud, AI, and Internet of Things (IoT) as part of their digital transformation – a process defined as Industry 4.0. While the convergence of IT with traditional OT can increase scale, resilience and efficiency in operations, it also increases the attack surface for cyber threats. Critical industries are increasingly lucrative targets for cyber exploitation including ransomware.

Manufacturers affected by a cyber attack reported a resilience or availability issue that cost individual firms between US$200,000 and US$2 million, taking the biggest hit when incidents affected enterprise and corporate systems or production control.

Geraldine Kor, Telstra International’s Head of Global Enterprise Business, said: “Greater connectivity between IT and OT is necessary to harness advanced technology for manufacturing innovation, but it increases the risks of a breach. However, very few firms are mature in protecting and defending against such cyber risks.

“Our study also uncovered a fragmented approach to security responsibility, which can leave manufacturing businesses without a clear direction. This responsibility must be clear and integrated so that one group or person will have the authority to act on security challenges for mission-critical systems. It is equally important to have the right people and security-focused culture as their absence will hinder security posture readiness, compounding technical challenges.”

Ganesh Narayanan, Telstra International’s Global Head of Cyber Security, noted that the manufacturing and other industrial sectors historically relied on air gapping for security, where OT systems are typically segregated from corporate IT systems to protect against external threats.

However, this approach is no longer sustainable with increasing IT-OT convergence, which expands the threat surface significantly.

He said: “IT and OT integration create enormous value for organisations across industries, although organisations must address risks to unlock its potential. Organisations should prioritise IT/OT and IoT security across six core areas: Collaboration and planning, defining a strategy, bolstering technical expertise, assign responsibility and accountability, leveraging the right tools, and expedite readiness with standards.”

Adam Etherington, Senior Principal Analyst at Omdia, said: “Our study illuminates critical attack vectors and lessons learned, and provides timely advice for any executive responsible for IT and OT.

“More pervasive connectivity between IT and OT is essential across greenfield and brownfield manufacturing system design and enhancements. Step change improvements to innovation, availability, safety and security require firms to harness cloud, IoT, AI and private networks, with IT/OT convergence bringing these technologies to life.

“However, most firms have been hit with expensive outages and security incidents while traditional security controls, policies and culture struggle to keep pace. Given the magnitude of downtime costs from any breach or network incident that impacted operations, it’s important to better understand the causes for proactive remediation.”

Failure to prioritise testing and integrate generative AI tools raises concerns as agentic AI adds pressure.

CIOs 'overspend' on cloud

Posted 4 days ago by Phil Alsop
43% of CIOs say their CEOs and/or board of directors have concerns about their company’s cloud spend.
Research revealed at Coterie Connect event highlights shifting team structures, evolving skills priorities, and urgent training needed for partner...
Endava has launched its latest research report “AI and the Digital Shift: Reinventing the Business Landscape”.

3,000% surge in enterprise use of AI/ML tools

Posted 1 week ago by Phil Alsop
Zscaler has released the ThreatLabz 2025 AI Security Report, based on insights from more than 536 billion AI transactions processed between February...
Over one in four (28%) British small business owners have used AI tools to help run their business.

Tech fragmentation cited as biggest cyber challenge

Posted 1 week ago by Phil Alsop
New Palo Alto Networks data shows 82% of UK organisations confident in their use of AI, despite AI being identified as biggest cyber risk for 2025.
MIT researchers crafted a new approach that could allow anyone to run operations on encrypted data without decrypting it first.