A report from Rockwell Automation reveals that cybersecurity is increasingly becoming a business matter in manufacturing, with 96% of respondents stating they plan to invest in cybersecurity platforms (or have already done so). This may be in part due to the fact that cyber threats rank among the most serious external concerns at 30%, outpaced only by inflation/economic growth at 34%. 

Key findings from the report include: 

• A majority of cyber and IT professionals (61%) are planning the adoption of AI and machine learning (ML) in the next year, which surpasses general manufacturing.
• 38% of manufacturers intend to utilize data gathered from current sources to drive security measures. 
• Nearly half (48%) of all cyber professionals reported that securing converging architecture is key to ensuring positive outcomes over the next 5 years. 

Security Leaders Weigh In

Mr. Satish Swargam, Principal Security Consultant at Black Duck:

The State of Smart Manufacturing report from Rockwell Automation emphasizes the significance of AI/ML in smart manufacturing and recognizes related cybersecurity challenges. The disruption of digital transformation in this market sector shows the increasing demand for skilled cybersecurity professionals who are adept in identifying cybersecurity risks and applying mitigation controls to address the challenges AI/ML poses in smart manufacturing.

Cybersecurity assessments that include AI governance are like brakes that should be perceived as not slowing one down but instead helping to reach one’s destination by avoiding accidents. There are lots of capabilities that should be considered when employing and maturing the AI / ML strategic programs. AI/ML will be used to improve quality and cybersecurity in the forthcoming months. Since the data will be used in LLMs to streamline operations and enhance decision-making capabilities, Shadow AI will become a major concern in smart manufacturing as well.

Trey Ford, Chief Strategy and Trust Officer at Bugcrowd:

Manufacturing placing cybersecurity as a priority over the next five years is a great thing to hear as this space is ripe for modernization and disruption.

The cybersecurity community is excited to see a fresh take on OT operating architectures, not a patchwork of marketing buzzwords added to the old-world air-gapped deployment strategy — we can do better. The OT manufacturer that announces a resilient offering that removes the need for air-gapped networks will set a tone in the marketplace - this is a segment that is still operating in architectural patterns from the last century.

Cybersecurity is a proxy indicator of excellence in design, build, and operations — bringing the OT space into the modern era will raise the performance, telemetry, and resilience of the manufacturing industry. I hope to see OT designers integrating both secure by design principles, and partnership with the research community in the design and testing phase — not just in the marketing slicks and customer deployments as they have in the past.

The introduction of AI will be very similar to how computers revolutionized process control systems (PCS) in the ICS/SCADA universe around the turn of the century, improving safety, tightening production tolerances, and increasing yields and margin capture. AI will provide far more accessible management understanding, visibility, and troubleshooting that historically required the experience and perspective of more seasoned engineers and operators.

J Stephen Kowski, Field CTO at SlashNext Email Security+:

Cyber is basically tied with inflation as a board-level risk now, which tracks with what I’ve seen after a decade in manufacturing IT/OT — customers, regulators, and insurers are all turning up the pressure, so security choices are really business choices. With IT/OT blending, the attack surface explodes; no surprise nearly two-thirds of security pros plan to add AI/ML in the next year, and almost half are zeroing in on securing converged architectures to keep plants running safely.

The practical path is to turn existing telemetry into outcomes: use the data already in place to detect evasive phishing and malware, stop credential theft and BEC in real time, and automate response across email, web, mobile, and collaboration apps — while proving compliance and cutting mean time to remediate. Given talent gaps, tools that deliver high detection efficacy out of the box with lightweight deployment and API integrations can help teams move fast without ballooning cost or headcount.

Derek Manky, Chief Security Strategist & Global Vice President of Threat Intelligence with Fortinet’s FortiGuard Labs:

OT cyber threats have evolved dramatically as attackers increasingly target industrial environments with more sophisticated techniques. In fact, the recent Global Threat Landscape Report found that the OT sector remains one of the top targets for attackers.

One of the most significant shifts has been the increasing convergence of IT and OT environments, which expands the attack surface and makes traditional security measures insufficient. Threat actors are capitalizing on this shift by leveraging new attack methods that were previously impractical to use against air gapped OT systems and employing reconnaissance-as-a-service to map out OT networks before deploying malicious payloads. 

One of the biggest challenges organizations face in incident response is the upsurge in AI-powered threats that increase the volume and sophistication, making attacks harder to detect and contain. Real-time threat intelligence is essential for detecting and responding to cyber threats before they impact industrial operations. By continuously analyzing threat data, organizations can identify attacker tactics, techniques, and procedures (TTPs) early in the attack lifecycle, allowing for proactive defense. 

To make threat intelligence actionable, organizations should: 

• Automate detection and response by integrating AI and machine learning tools that analyze anomalies in real time. 
• Correlate OT and IT threat intelligence to create a unified security posture across both environments. 
• Implement security orchestration, automation, and response (SOAR) platforms to enable faster mitigation of detected threats. 
• Conduct continuous security testing and red teaming to refine defenses based on emerging threats. 

A well-implemented threat intelligence program ensures that security teams not only understand the evolving threat landscape but also have the tools to act on it swiftly and effectively. 

The future of security in manufacturing will be driven by technologies that enable faster detection, response, and adaptation to evolving threats. Key trends include: 

• AI-driven threat detection that continuously learns and adapts to new attack patterns. 

• Automated security orchestration (SOAR) to streamline incident response and reduce manual workload. 
• Continuous Threat Exposure Management (CTEM) to identify and mitigate risks before they become exploitable. 
• Industry-wide intelligence sharing initiatives, such as MITRE ATT&CK for ICS, to improve collective defense strategies. 
• Zero Trust security frameworks tailored for OT environments, ensuring strict access controls and network segmentation. 

By adopting these technologies, organizations can move from a reactive to a proactive security posture, significantly reducing the risk of cyberattacks impacting industrial operations.