Manufacturing cybersecurity to step up in response to threats of cyberattacks

Recent manufacturing crises such as the baby formula shortage and the global chip shortage demonstrate the profound impact of downtime and production issues. From the global pandemic to lockdowns in China, manufacturers are now being warned about the risk of cyberattacks from Russia.  

Manufacturing is an emerging target for cyberattacks; production floors that were once protected by legacy or closed-network systems are now digitized and open to greater access—and risk. As a result of this, manufacturing organizations are starting to take a more aggressive stance on securing their informational technology (IT) and operational technology (OT) environments to ensure access to critical data and systems, but also to protect the integrity of intellectual property (IP), product parts and the software supply chain. Without these measures, manufacturers face the risk of an average data breach cost of $4.24 million—though that’s still pennies compared to the cost of unplanned downtime, which is now up to $50 billion per year.

A recent manufacturing cybersecurity survey revealed that 75% of cyberattacks result in a production outage. In 43% of the outage cases, production stopped for more than four days—to say nothing of the impact of cyberattacks on any of the downstream supply chain partners. 

In response to the increased risk landscape, in 2021, federal regulators released Executive Order 14028 which urged the public sector and federal agencies to harden security and adopt MFA. The Office of Management and Budget (OMB) Memo M-22-09 followed suit in 2022, offering guidelines for the implementation of Zero Trust security and phishing-resistant MFA, in order to protect against the evolving cyberattacks on critical infrastructure and the software supply chain.

As  these organizations place more emphasis on resilience and product quality in their supply chains, it’s time to up-level the manufacturing cybersecurity game and consider what practical steps can be taken to secure the IT and OT environments and all the critical points and people along the supply chain.

“Proactively securing our global supply chain was an important step as properly tested and approved products are counted on by our customers who buy and deploy them.” – Chad Lloyd, Director of Cybersecurity Architecture for Energy Management, Schneider Electric. Read the case study.

For more on how to implement phishing-resistant MFA, secure third-party access, and safeguard the supply chain, read our latest whitepaper: Protecting manufacturing with highest-assurance security.

Talk to our teamTalk to our team

Share this article:


  • Digital security’s unique role in protecting our environmentAs sustainability expands to include social, economic, and technological challenges, cybersecurity has emerged as a top global threat – with cybercrime projected to cost $12 trillion this year. Stolen credentials and phishing account for 80% of breaches. At Yubico, making the world more secure is just part of how we care for the world around […]Read moreCSREarth DaySecure It ForwardSustainability
  • Breaking down Australia’s plan to combat AI-driven phishing scamsAcross Australia, cybercrime continues to be a major challenge impacting businesses, critical infrastructure and consumers alike. The use of AI by bad actors across the spectrum of cybercrime is on the rise, and as a result, credential phishing scams are becoming increasingly sophisticated. AI is effectively helping to lower the cost of phishing and increase […]Read moreAIAPACAustraliaphishing
  • 5 fast cybersecurity tips to clean up your digital lifeWith today being Identity Management Day, now is the perfect time to take stock of your online presence, update security settings, and ensure that your personal data remains protected from cyber threats like phishing. We’re also seeing increasing concerns of DeepSeek and other AI tools around data privacy making these kinds of attacks more successful […]Read morebest practices
  • Navigating the PCI DSS 4.0 transition and meeting compliance with phishing-resistant YubiKeysIn just a few days, on March 31, 2025, decision makers in industries that involve payment processing – including financial services, retail & hospitality and telecommunications – are tasked to finalize the transition to Payment Card Industry Data Security Standard (PCI DSS) 4.0. This deadline marks a critical juncture for all organizations handling payment card […]Read moreNISTPCI DSSPCI DSS 4.0