‘Fundamental Tension’ Undermines Manufacturers’ Cybersecurity

Manufacturers have become prime cyber‑crime targets as the sector embraces automation and remote system management—a shift accelerated by the COVID‑19 pandemic. While these technologies boost efficiency, they also expand the attack surface, making factories vulnerable to sophisticated ransomware groups that now operate through affiliate models. According to Resilience, 2025 saw manufacturers absorb 25% of all ransomware incidents, a stark contrast to the 46% rise observed across the broader economy, highlighting the sector’s outsized exposure.

The report pinpoints multifactor authentication (MFA) misconfiguration as the single most costly weakness, responsible for roughly one‑quarter of all cyber‑related losses. Even a complete lack of MFA contributed to 10% of the financial damage, despite MFA being a relatively simple control to implement correctly. Ransomware accounted for 90% of losses between March 2021 and February 2026, dwarfing the 12% share of insurance claims it represented, which signals that many incidents go under‑reported or are settled outside formal insurance channels. This disparity underscores how attackers exploit manufacturers’ low tolerance for downtime and constrained security budgets.

Resilience’s recommendations focus on hardening the most vulnerable points: verify MFA deployments, enhance vulnerability‑tracking processes, tighten financial‑transfer restrictions, and enforce security standards across the supply chain. Industry groups are beginning to prioritize these measures, and policymakers are considering incentives to offset downtime costs associated with security upgrades. As the threat landscape evolves, manufacturers that resolve the "fundamental tension" between production continuity and cyber resilience will safeguard both their bottom lines and the broader national‑security ecosystem.