The Big List of Manufacturing Cybersecurity Statistics + Infographic

The Big List of Manufacturing Cybersecurity Statistics-1

Cybersecurity matters in every modern industry, including the manufacturing sector. Operational technology and the advent of Industry 4.0 means facilities now depend on more networked devices than ever, leaving valuable infrastructure increasingly vulnerable to bad actors.

Manufacturing leaders must tackle this problem at its source with proactive solutions, but the first step is understanding the landscape. These manufacturing cybersecurity statistics will help you comprehend the full scope of this problem — and how to solve it. Feel free to review the infographic below, or scroll further for more details.

Jump to a section…

Infographic: Manufacturing Cybersecurity Statistics

Manufacturing Cybersecurity Statistics to Help Protect Your Business

The Impact of Ransomware on Manufacturing

The State of Cybersecurity in Manufacturing

Cybersecurity Challenges and Vulnerabilities

Unsecure Devices

Insufficiently-trained Personnel

Lack of Cybersecurity Leadership

The Right Cybersecurity Strategy Will Get Results

Infographic: Manufacturing Cybersecurity Statistics

Industry 4.0 infographic tall_high

Manufacturing Cybersecurity Statistics to Help Protect Your Business

The Impact of Ransomware on Manufacturing

  • Manufacturers pay $2 million on average to restore operational systems after a successful ransomware attack.
  • Globally, the average ransomware payment by companies is $812,360.
  • Manufacturing companies are targeted by 23% of corporate ransomware attacks.
  • 61% of manufacturing and production organizations reported an increase in cyberattacks since 2021.

As the number of smart factories and IoT-powered OT tools increase, so does the risk of cyberattacks. Unfortunately, a high volume of security vulnerabilities means the industry suffers a disproportionate number of breaches compared to others. According to one IBM security report, manufacturing is currently the most frequently attacked industry, representing 23% of security incursions worldwide. A second study from Fortinet determined that over the past year, 61% of all security breaches impacted OT systems.

Malicious actors are well aware of the manufacturing industry’s vulnerabilities. This knowledge drives a corresponding increase in ransomware attacks, which typically shut down essential machinery until the victimized company pays the attacker. For manufacturers, the average cost is approximately $2,036,189 per attack, the highest average ransomware payment for any industry. Given those earnings, it’s no surprise that 61% of manufacturing and production organizations saw the number of cyberattacks against them increase since 2021.

Such a financial impact, onerous as it may be, is at least only a short-term danger. If the fee is not paid, ransomware attacks can lead to long-term distribution issues and, in some cases, widespread supply chain disruption. Trade shutdowns can drive billions of dollars in losses between manufacturing’s overall vulnerability and potential downstream effects. If accidentally blocking the Suez Canal can block 12% of all global trade, few leaders should be willing to face an intentional attack on supply chains.

Concerned about cyberattacks? You’re not alone. Request a Byos demo to find out how our solution proactively protects manufacturers.

The State of Cybersecurity in Manufacturing

  • Only 24% of manufacturing firms have completed OT security projects and upgrades.
  • 56.8% of all IoT traffic comes from the manufacturing industry.

To understand the state of cybersecurity in manufacturing, it’s vital to consider how operational technology (OT) is changing manufacturing. The field is quickly transitioning from lines of discrete machines to integrated, digitized systems. These advances use the Internet of Things (IoT) to monitor and control entire networks, increasing efficiency throughout the organization and broader supply chain.

These advances help companies modernize and expand their operational capacity, which will ultimately double OT spending within the next eight years. Even now, 56.8% of all IoT traffic comes from the manufacturing and retail industries.

Yet, for all of these benefits, cybersecurity within manufacturing remains a relatively low priority for many manufacturing executives. According to one survey, only 24% of manufacturing firms have completed their OT security projects. While progress is underway, the industry needs far more action to address these vulnerabilities.

Cybersecurity Challenges and Vulnerabilities

The latest manufacturing cybersecurity statistics suggest that businesses face three obstacles when implementing a cybersecurity strategy: unsecured devices, insufficiently-trained personnel, and a lack of support from executive leadership.

Unsecure Devices

  • 73% of OT devices are completely unmanaged.

Manufacturing and production companies tend to rely on operational technology that comes embedded with IoT devices. These devices may be always-online or accessed remotely on a local network, but most are particularly vulnerable to cyberattacks.

According to one Armis study, 73% of OT devices are completely unmanaged. That means IT departments have no visibility into whether these devices are compromised or simply malfunctioning until it is too late.

Insufficiently-trained Personnel

  • 49% of organizations lack sufficient cybersecurity expertise.
  • 36% have insufficient personnel.
  • 33% face organizational constraints or complexity.
  • 28% lack financial resources.

Securing IoT devices would mitigate many incursions, but manufacturers often do not have the resources to accomplish this task. A joint study between (CS)²AI and KPMG determined that almost half of OT and industrial organizations lack sufficient cybersecurity expertise in terms of training and available personnel. Many manufacturers also have unique organizational constraints or complexities that hinder standard cybersecurity solutions.

Lack of Cybersecurity Leadership

  • 58% of CEOs prefer a proactive and risk-focused approach to cybersecurity.
  • 54% of CISOs prefer a reactive, incident-driven approach to cybersecurity.

Part of the reason manufacturers may struggle to keep up with cybersecurity is differences in philosophy among the C-suite. For example, Forcepoint discovered that while CEOs and CISOs agree that cyberattacks are a problem, their preferred strategies are opposed. CEOs tend to want to be proactive, evaluate risk, and focus on behavioral techniques. However, CISOs want their response to be reactive and focus on individual incidents. If leaders cannot get on the same page, it will be harder for employees to implement an effective cybersecurity policy.

The Right Cybersecurity Strategy Will Get Results

  • 75% of industrial organizations experience no major breaches after completing a cybersecurity project.

The good news is that, for all of these vulnerabilities and dangers, the right cybersecurity solution can prevent attacks and mitigate their impact. Once industrial organizations complete their OT and IoT cybersecurity projects, 75% experience no further significant incidents. The challenge is finding solutions that are compatible with legacy infrastructure, integrate with manufacturing software, and can be properly operated by any employee.

That’s why Byos, a long-trusted partner of manufacturing organizations, designs user-friendly security solutions for a range of production facilities. It’s time for industry leaders who can make meaningful upgrades to their OT security to step into the spotlight — get in touch with our experts to find out how.

Industry 4.0 Blog #4: Controlling Third Party & Remote Access to OT

Industry 4.0 Blog #3: Hardening the OT Network