According to KnowBe4’s 2025 report “Securing Manufacturing’s Digital Future,” the manufacturing sector remains the most targeted industry for cyberattacks in Europe. In 2024, it accounted for 26% of all reported incidents across sectors and saw an 89.2% surge in confirmed data breaches compared to the previous year. This sharp rise reflects the sector’s increasing dependence on digital infrastructure and operational technology (OT), much of which was never designed with cybersecurity in mind.

Key Threats to the Sector:

Ransomware is the most dominant threat, responsible for 47% of manufacturing breaches in 2024. These attacks often lead to operational shutdowns, financial losses, and significant supply chain disruptions. Phishing and broader social engineering tactics also remain prevalent, with phishing alone responsible for 19% of reported incidents. Human error is still a major factor, contributing to 60% of breaches across various attack types.

State-sponsored advanced persistent threats (APTs) have also intensified, with 69% of campaigns observed between August and November 2024 targeting manufacturing. Threat actors such as APT10 and Volt Typhoon are actively exploiting gaps in cyber maturity and awareness.

Why Manufacturing Is So Vulnerable:

Many manufacturers still rely on outdated OT systems that were not designed with cybersecurity in mind. These systems often lack basic protections such as encryption, authentication, and regular updates. The growing integration of OT and IT systems further expands the attack surface and creates new vulnerabilities. At the same time, the sector’s complex and global supply chains increase exposure, with third-party risks often going unaddressed.

Manufacturing also stores valuable intellectual property—from proprietary designs to R&D data—making it a high-value target for both cybercriminals and nation-state actors. Despite these risks, many organizations continue to deprioritize cybersecurity due to financial constraints, fear of downtime, and workforce shortages.

Recommendations for Building Resilience:

The report emphasizes a shift from reactive to proactive cybersecurity. Key recommendations include:

• Segmenting networks and using virtual patching to protect legacy systems.
• Embedding cybersecurity into digital transformation initiatives, including new machinery and analytics tools.
• Conducting regular risk assessments aligned with frameworks such as NIS2, ISO 27001, or IEC 62443.
• Strengthening supply chain security through vendor risk assessments and collaborative threat intelligence sharing.
• Addressing human risk through tailored security awareness training, phishing simulations, and just-in-time nudges.

The report also highlights the effectiveness of training programs. In manufacturing, KnowBe4 observed that baseline phish-prone behavior dropped from 31.8% to just 3.6% after one year of structured security awareness training—demonstrating the value of investing in human-focused defenses.

Cybersecurity in manufacturing can no longer be viewed as optional or secondary. With ransomware, phishing, and APTs posing growing threats, and the cost of disruption rising, manufacturers must embed cybersecurity into every layer of their operations—from the factory floor to the supply chain. Strategic investment in both technology and people is essential to securing the industry’s digital future.