Manufacturing in Focus
Lead with Clarity
The High-Stakes Environment of Modern Manufacturing
In recent years, the factory floor has become the new frontier for global cyber extortion (Cy-X) actors. Manufacturing, a long-standing cornerstone of many economies around the world, is quickly becoming their number one victim with 1,228 recorded incidents from October 2024 to September 2025 a +32.3% YoY rise.
It’s not hard to see why. Industrial processes are evolving and becoming more global and interconnected, meaning attack surfaces are ever-expanding. This, in turn, is attracting unwanted attention from adversaries intent on profit. Today, manufacturing faces immense pressure from an equally industrialised opponent – cybercrime. Criminals find manufacturing business easier to compromise compared to more ‘mature’ industries, like finance, and attackers are increasingly recognising the severe disruption a single successful attack can cause across the supply chain and the entire economy.
Download the Manufacturing in Focus ReportWhat can you expect in the report?
- Comprehensive Industry Analysis: A detailed look at how manufacturing has become the #1 victim of cyber extortion (Cy-X).
- Sector Scorecard: A global data breakdown of threat actors, threat actions, and impacted assets specific to manufacturing.
- In-depth Focus on IT/OT Convergence: Analysis of the security gaps created by merging Information Technology with legacy Operational Technology.
- Detailed Incident Metrics: Data on "True Positive" incident rates and the mean time to resolve (MTTR) confirmed threats.
- Exploration of Hacktivism: Insights into the rise of "establishment hacktivism" and its potential for causing physical disruption in factories.
- Specific Mitigation Recommendations: Nine strategic recommendations for security leaders to strengthen defenses and reduce response times.
- Strategic Implications: Five top implications for security leaders to consider when building resilience.
Research-driven insights to build a safer digital society
- First-hand SOC Data: Intelligence derived directly from Security Operations Centre client data and Orange Cyberdefense's research teams.
- Unmatched Threat Landscape Visibility: A look at the 1,228 recorded Cy-X incidents in manufacturing between October 2024 and September 2025, a 32.2% year-over-year increase.
- Expert Analysis of Disruptive Events: Case studies and analysis of incidents like the Predatory Sparrow attacks and the Jaguar Land Rover supply chain disruption.
- Identification of "Internal Exposure": Research showing that 68% of confirmed incidents are driven by internal actions, such as misuse and user error.
- Vulnerability Management Data: Analysis revealing an average of 26.3 vulnerabilities per asset with a high average age of 221 days.
- Focus on Identity as the New Perimeter: Insights into how account and identity-related risks are amplifying in factory environments.
The potential for mass disruption is a major factor making the manufacturing sector a prime target for a broad range of threat actors. Beyond purely financially motivated cybercriminals, the sector can also draw the attention of hacktivists and nation-state attackers motivated by ideological or geopolitical aims. For such actors, the objective is often not extortion but maximum chaos. This combination of internal vulnerabilities and supply chain risk
means manufacturing businesses are caught in the crosshairs, with the industry’s defences under immense pressure.
Noel Chinokwetu
Managing Principal Consultant at Orange Cyberdefense
Security Navigator 2026 "Finance in Focus"
Get the Report here!
Watch our Youtube Discussion on OT Security: Living off the plant
In this episode: Industrial environments have moved far beyond simple firewalls. Today, attackers are manipulating physical machinery by "Living off the Plant", using your own tools against you.
Key Discussion Points:
Why the Air Gap is a thing of the past.
How attackers exploit legitimate industrial processes.
The reality of securing a factory floor in 2026.