Cyber attacks are at an all-time high
Manufacturers are vital to society, creating essential products and driving technological advancement. Remote access, smart technology and IIoT introduce new cybersecurity vulnerabilities in an industry already ripe with compromised credentials from phishing that lead to more widespread attacks like ransomware.
Further, generative and agentic AI now drive indistinguishable phishing campaigns targeting both IT and OT. As IT and OT systems become increasingly intertwined, cyber attacks can cause production outages, equipment damage, lost revenue and further impact end consumers.

180,000+
ICS/OT systems are exposed monthly to the Internet.

72%
of attacks targeting OT systems originate from IT as the entry point.

3,300
industrial organisations had data posted to ransomware leak sites in 2025.

42%
of intrusions (i.e. phishing, malware, ransomware) had operational outages that impacted revenue.
Manufacturing sectors:

high-tech
silicon & semiconductor

retail

manufacturing

medical

energy

transportation
aerospace & automotive
A true Zero Trust approach to mitigate risk
For manufacturers, it is critical that no user or device is allowed into the network unless explicitly verified. Multi-factor authentication (MFA) must be the first-line defense, but not all methods are created equal.
Legacy mobile-based MFA—SMS, one-time passcodes, and push notifications—is susceptible to AI-driven phishing and attacker-in-the-middle attacks, including those supercharged by AI. Furthermore, these methods fail in mobile-restricted or lowconnectivity factory environments.
To achieve a resilient Zero Trust architecture, manufacturers must secure both human-to-machine and machine-to-machine communication:

Secure human-to-machine communication:
Deploy phishing-resistant MFA, such as FIDO2/ Passkeys or Smart Card/PIV, to ensure the identity of anyone accessing the environment is legitimate.

Secure machine-to-machine communication:
Use hardware security modules (HSMs) to protect the cryptographic foundation of automated processes, ensuring the authenticity of components and preventing the remote theft of keys.
Modernizing with hardware-backed security enables protection across industrial environments, factory floors, and corporate offices while bridging the gap to a passwordless future.
Accelerate Zero Trust, stop account takeovers, and protect your supply chain with Yubico
“We introduced YubiKeys in our power operation SCADA systems to increase security with MFA. This process allows an operator to come on shift, authenticate quickly, and to take actions when appropriate, without any system interruptions. MFA ensures only authenticated users can gain access to operate the system.”
“YubiKeys are fast, robust and best-in-class: a best-inclass device and best-in-class security. It’s very smooth, and saves time compared to the people who have to enter the TOTP because you need to type six numbers, for every account. It’s much faster just to touch a key.”
“Adopting YubiKeys has made it easy for us to continuously move our authentication strategy forward. Our goal is to enable passwordless authentication for all users in the future.”
Secure user access with the YubiKey
A modern hardware security key that offers phishing-resistant multi-factor and passwordless authentication.
- Reduce risk of credential theft by 99.99% and stops account takeovers while delivering 265% ROI
- Embrace multi-protocol support on a single key: Smart Card/ PIV, FIDO U2F, FIDO2/WebAuthn (passkeys), OTP and OpenPGP
- Deploy the most secure passkey strategy: device-bound that is purpose-built for security and Authenticator Assurance Level 3 (AAL3) compliant
- Secure user access at scale on any device, to legacy and modern applications, shared workstations, IT and OT systems including industrial control systems (ICS) like SCADA
- Bridge to modern FIDO2 passwordless authentication
- Does not need battery or cellular connectivity to function
Protect devices, servers and more with the YubiHSM
A hardware security module (HSM), that ensures enterprisegrade high cryptographic security and operations.
- Safeguard intellectual property, corporate secrets and secures manufacturing assembly lines
- Can be applied to any process where secrets and the authenticity of components needs to be managed
- Ultra-portable nano form factor allows for flexible deployment to any USB slot on servers, databases, robotic assembly lines, applications, and IoT devices
