May 15, 2025 Building Cyber Resilience in Manufacturing

Building resilience means more than just patching vulnerabilities – it’s about protecting production, supply chains, and reputation.

Manufacturing is in the midst of a digital transformation, but for every gain in productivity and visibility, there’s a corresponding rise in cyber risk. Smart factories, IoT integration, and connected supply chains have redefined what resilience means for the industry. That means cybersecurity is no longer a back-office function, but an operational and strategic imperative for C-level leaders.

According to the cybersecurity statistics, 15% of all data breaches involve third-party vendors in the supply chain with risks that many manufacturers inherit without direct fault. But in a highly interconnected environment, the source matters less than the outcome. What matters most is readiness to detect, contain, and recover before those risks interrupt operations.

Why Cyber Resilience Has Reached the Boardroom

Cyber risk has long been a business risk. But today, its consequences are more direct, visible, and harder to contain. A breach that impacts industrial control systems (ICS) or operational technology (OT) disrupts everything from production to supply chain continuity. Leaders now face a direct line between cyber resilience and the organization’s ability to meet contractual obligations, retain customers, and maintain uptime.

As Charlie Lewis, a partner at McKinsey & Company, told Industrial Cyber, the real challenge for C-level leaders is balancing the broader business agenda – growth, investment, and risk – against evolving security needs. This becomes especially complex in OT environments, where budgets and execution often sit outside the traditional security function. For executives used to enterprise IT, adapting to the fragmented reality of OT systems requires not just awareness, but urgency.

Where Manufacturing Is Most Exposed

Manufacturing stands out across industries for both the frequency and severity of cyber incidents. Cowbell’s 2024 Cyber Roundup Report found that cyber claims in this sector are 1.6 times more frequent and 1.2 times more severe than the average. The report also noted that the industry’s overall cyber risk score is 11.7% lower than the global average, highlighting its systemic vulnerability.

This exposure stems from a unique mix of legacy systems, high-value IP, and widespread use of automation and IoT. As smart factories scale, interconnectivity turns cybersecurity into a constant balancing act between agility and risk exposure. And with supply chain attacks up 431% between 2021 and 2023, threat actors are increasingly exploiting the weakest link, not the most visible one.

Executive-Level Strategies for Resilience

Resilience begins at the top. It depends on how well systems, teams, and priorities are shaped with preparedness in mind

C-level executives should anchor their strategy in a few key actions:

• Bridge the IT-OT divide by developing cybersecurity programs that span both environments.
  
• Tie cyber investments to business risks, not technology. That means focusing on what could truly disrupt operations, from unpatched PLCs to third-party software dependencies.
  
• Prioritize through risk matrices. Not every vulnerability needs equal attention. Use standardized tools (like ISA/IEC 62443) to identify the most impactful mitigation steps.
  
• Work in context. Dawn Cappelli, head of the OT-Cyber Emergency Readiness Team at Dragos, emphasized that many C-level leaders don’t realize how exposed their revenue-generating OT systems are until it’s framed as business risk, not just budget.
  
• Iterate over time. A cyber strategy can’t be static. Leaders should regularly reassess based on changing threats and regulatory shifts.

Embedding Cybersecurity Into Company Culture

Even the best technology can’t compensate for a weak security culture. And in industrial environments, cultural change is often the hardest part of resilience.

Many employees still see cybersecurity as an overcomplicated or abstract topic. Shifting that mindset takes more than training sessions. It requires leadership to model secure behavior and reinforce security as a shared operational responsibility.

Tactics that work include:

• Microlearning modules spread throughout the year rather than one-time sessions
  
• Gamified phishing simulations followed by quick debriefs
  
• Recognition for secure behavior, especially among operations staff
  
• Clear, blame-free reporting channels for suspected incidents

As Gideon Ruben of Your IAQ put it, “Security is everyone’s shared responsibility, not just the IT team’s.” That’s especially true when a single click can bring a production line offline.

Smart Investments: What Leaders Should Be Funding

Cybersecurity funding should reflect today’s risks, not yesterday’s frameworks. For manufacturing leaders, that means investing beyond IT firewalls and endpoint protection.

According to a Deloitte analysis, 48% of manufacturers identify operational risks (including cybersecurity) as the biggest threat to smart factory initiatives. Yet, fewer than half have conducted a cybersecurity assessment in the past six months.

Smart investments should include:

• Cyber maturity assessments to uncover hidden OT risks
  
• Monitoring tools tailored for ICS/OT networks, not just enterprise IT
  
• Governance programs that cover both IT and OT
  
• Ongoing vulnerability testing and patch management
  
• Cross-functional training so teams can identify and escalate threats quickly
  
  

The goal is to protect systems whose failure could halt production, disrupt customers or threaten safety.

Measuring and Managing Resilience

Resilience is measurable, but it requires structure. Rather than focusing on “do we have a policy?”, a proper cyber-resilience assessment looks at whether the organization can adapt and recover under pressure. Organizations should evaluate:

• What’s at risk across systems, facilities, and supply chains
  
• How often plans are tested, from firewalls to disaster recovery
  
• How well employees and leadership understand their roles in a cyber event
  
• How lessons are captured and used to improve post-incident

Frameworks like NIST CSF or CISA’s Cyber Resilience Review offer structured ways to benchmark readiness. But the most resilient organizations go further: they treat cyber resilience as a living process, not a compliance task.

Cyber Resilience as both Safety and Competitive Advantage

In manufacturing, downtime is expensive, safety is non-negotiable, and trust is earned by the day. Cyber resilience keeps all three on track.

C-level leaders don’t build resilience for hypotheticals, but to protect what keeps the business running. And those who do it well gain a strategic edge. After all, organizations that treat resilience as a priority are more likely to maintain control when disruption hits.

About the Author:
Thomas Patterson is a highly experienced and passionate product leader in the cybersecurity and technology industry. With a strong background in product management, security, and data privacy, he has a proven track record of driving innovation, growth, and successful product launches. Currently serving as the Senior Director of Product Management: Platform, Mobile, and AI at VikingCloud.

Thomas is responsible for overseeing the VikingCloud Platforms, Mobile Applications, and Artificial Intelligence. He is skilled in building core services, shared infrastructure, and centralized experiences for a seamless platform experience.

Subscribe to Industry Today