Building for Cyber Resilience in the Manufacturing Industry

Noor Boulos

For the third year in a row, manufacturing was the most attacked industry according to IBM X-Force incident response data. Phishing was the top initial infection vector, used in 39% of incidents, and malware was deployed in 45% of attacks. In 2023 alone, manufacturing organizations in the semiconductor, building, automotive, industrial controls systems, boating and consumer packaged goods industries suffered significant attacks.

The Manufacturing ISAC (MFG-ISAC) takes a proactive role in supporting manufacturing companies as they strive to strengthen cyber defenses. Most recently, the organization contributed to the World Economic Forum Cybersecurity Playbook that focuses on three guiding principles to build cyber resilience: making cyber resilience a business imperative, driving cyber resilience by design and engaging and managing the ecosystem. 

MFG-ISAC CEO Mark Orsi explained that the organization’s participation, “underscores our commitment to safeguarding operations and ensuring the long-term security of the manufacturing sector globally. Embedding these principles deeply within the organizational culture and throughout the supply chain is essential for maintaining a safe and resilient operational environment.”

Considered part of critical infrastructure, the manufacturing sector encompasses diverse industries and contributes significantly to global economic growth, so building resilience to cyberattacks is of vital importance. But manufacturing processes are comprised of various components including raw materials, skilled labor, machinery, technology and supply chain partners, which makes risk mitigation a complex challenge with unique considerations that need to be addressed strategically.

Key Challenges:

  • Supply chain disruptions can impact the timely delivery of raw materials, components and finished products. Malware can be inserted at any point in the manufacturing process or the supply chain to interrupt or sabotage operations that can lead to damaging consequences. 
  • It isn’t unusual for manufacturing facilities to use systems that are at least a decade old. Legacy technology was never designed with security in mind and is frequently no longer supported. In the absence of security patches and updates, threat actors have ample opportunity to discover new ways to infiltrate systems and access data. 
  • Connectivity between operational technology (OT), IT systems and out to the Internet enables threat actors to use tried-and-true phishing methods to infiltrate organizations. Once inside the manufacturing environment, where operators have little visibility into what is happening on their systems, cybercriminals can move freely with few blockers and go unnoticed until damage is done.

Following Best Practices:

Implementing robust risk management, investing in technology and innovation and fostering a skilled and adaptable workforce are key components to staying competitive in the manufacturing sector. Creating a data-driven security operation is essential to protecting these components from advancing threats. 

Capabilities like consolidating threat intelligence and vulnerability data from a variety of sources and eliminating the noise allow you to focus on what matters to keep your systems running. You can proactively strengthen defenses, address vulnerabilities with compensating controls, hunt for threats and investigate and respond to incidents comprehensively. 

ThreatQuotient combines the strength of its data-driven ThreatQ Platform, customer success team, training and learning solutions and community of users to share insights into emerging threats and lessons learned to mitigate risk quickly and effectively. 

Download the new Industry Brief – HERE. To see the power of the ThreatQ Platform and new integrations for generative AI and natural language processing (NLP), request a live demo at


Blog Archive

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.
Share This