The rise in cybersecurity threats – as well as cyber incidents – can be attributed to the upward trend of manufacturers digitising production and connecting more devices across operational technology (OT) networks.

Once isolated factory systems are now linked to corporate IT environments, exposing industrial control systems to cyber threats that can halt production and jeopardise safety.

Fortinet’s 2025 State of Operational Technology and Cybersecurity Report highlights how manufacturers are adjusting to this converged threat landscape – placing OT security under executive oversight and adopting strategies that blend visibility, segmentation and AI-driven detection.

“The seventh instalment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organisations are taking OT security more seriously,” says Nirav Shah, Senior Vice President, Products and Solutions at Fortinet.

“We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organisations self-reporting increased rates of OT security maturity. 

“Alongside these trends, we’re seeing a decrease in the impact of intrusions in organisations that prioritise OT security. 

“Everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”

OT security now reaches the boardroom

Fortinet’s research shows a cultural shift in a range of industries that are heavy users of OT, particularly manufacturing. 

Fortinet finds that more than half (52%) of organisations now report that the CISO or CSO is directly responsible for OT, a stark increase from just 16% in 2022. 

That figure climbs to 95% when accounting for all C-suite roles involved in OT oversight.

This trend is also a reflection of how operational technology has become a strategic risk domain. 
Connected devices, programmable logic controllers (PLCs) and SCADA systems are now integral to digital transformation ambitions, making cybersecurity inseparable from business continuity.

“Responsibility for OT security continues to elevate within executive ranks,” Fortinet says in the report.

“As accountability continues to shift into executive leadership, OT security is elevated to a high-profile issue at the board level.”

Manufacturing: A threat landscape in flux

The manufacturing sector remains the most targeted industry for cyberattacks, accounting for roughly a quarter of all global incidents. 

Statista found that the manufacturing sector faced the highest number of cyber attacks in 2023, with 638 reported.

Another Statista report also found that, on average, the number of phishing attacks per user in 2024 reached 2.91, with manufacturing and construction hitting around 1.65 attacks per user. 

Threat actors increasingly deploy ransomware and wiper malware such as Ekans or Industroyer2 to cripple industrial operations and apply financial pressure, Fortinet finds.

This is because these attacks exploit the “flattened” architecture of many older OT environments, where limited segmentation allows malware to move laterally between IT and operational systems. 

Fortinet’s research shows organisations with higher OT security maturity levels experience fewer operational outages and revenue impacts, down from 52% to 42% year-on-year.Adopting best practices is the best way to build resilience. Fortinet’s report finds that manufacturers implementing basic cyber hygiene, user awareness and threat intelligence have cut business email compromise significantly. 
Consolidating vendors into integrated OT security platforms also enhances efficiency, with some organisations seeing up to a 93% reduction in cyber incidents compared to flat networks and seven times improvements in triage and setup times.

Best practices for OT security

Manufacturers can fortify OT against escalating IT-OT convergence threats using Fortinet's proven strategies from the report.

These six tips prioritise uptime for PLCs, SCADA and HMIs while slashing risks.

1. Implement strong network segmentation: Isolate critical industrial systems from corporate IT using ISA/IEC 62443 zones – FortiGate Rugged Firewalls thrive in factory conditions, blocking lateral movement from ransomware like Ekans.
2. Apply strategic patching and updates: Schedule non-disruptive patches during maintenance windows for legacy hardware lacking native security. Balance vulnerability fixes with production continuity to avoid costly downtime.
3. Enable continuous real-time monitoring: Deploy anomaly detection for protocol misuse and irregular controller patterns. FortiNDR provides AI-driven visibility, spotting threats before they halt assembly lines.
4. Establish clear governance frameworks: Align cybersecurity with safety and compliance standards, reflecting C-suite OT oversight. Ensure executive accountability drives resource allocation.
5. Foster cross-team collaboration: Unite IT, OT and security via FortiSIEM for shared playbooks and unified monitoring. This bridges silos, accelerating incident response in converged environments.
6. Invest in OT-specific training programmes: Train factory staff on industrial phishing and errors. Pair with FortiGuard OT Threat Intelligence for ICS-focused feeds, reducing human error in high-stakes operations.

Manufacturing’s low downtime tolerance makes it a prime target when it comes to cybersecurity threats.

However, Fortinet data showcases how important proactive strategies are and, most importantly, that they work.

As threats continue to evolve, executive buy-in and integrated platforms like Fortinet’s position leaders to protect production, IP and safety amid smart factory growth.

source:
https://technologymagazine.com/news/how-fortinet-is-tackling-manufacturing-cyber-threats