For the fourth year in a row, manufacturing was the most targeted industry by cybercriminals in 2025. Why has this sector become such a consistent target?
As manufacturers adopt new technologies to improve efficiency and scale operations, they also introduce new risks. Increased use of cloud platforms, connected systems, and AI expands access to critical environments and creates more entry points for attackers.
A recent survey of large U.S. manufacturing executives found that 57 percent are using cloud systems and 29 percent are using AI/ML at the facility or network level. While these technologies drive productivity and scale, many organizations are not making corresponding cybersecurity investments to address the environmental vulnerabilities these technologies have introduced.
Why Manufacturing Has Become a Prime Target for Cybercriminals
Historically, manufacturing was not a prime target for cybercriminals due to its manual and largely offline operating models. That has changed rapidly. Today’s manufacturing environments rely heavily on third party integrators, connected equipment, vendor supplied software, and shared system data. As a result, manufacturers face more vulnerabilities than ever before.
And it is not just vulnerability, or easier access to sensitive data, that attracts cybercriminals. There’s potential for large scale disruption. A cyber incident can halt production, disrupt global supply chains, and create immediate financial pressure. Increased urgency often pushes organizations to prioritize restoration over resilience, making manufacturers especially attractive targets for cyber extortion – just think about the catastrophic impact from the Jaguar Land Rover cyberattack last year, which is still impacting sales today. It is no surprise that the manufacturing industry accounted for 38.9% of ransomware victims among companies earning more than $1 billion in 2025.
To reduce risk, organizations must treat cybersecurity as a core part of modernization. As manufacturing environments become more connected and digital, companies must either invest in stronger cybersecurity capabilities and third-party risk management programs or accept a higher level of risk and expected financial loss.
How Can Schneider Downs Help?
Schneider Downs partners with manufacturers to identify and assess cyber risk, strengthen security and compliance programs, manage third party and supply chain risk, and protect critical systems, data, and operations as technological environments continue to evolve. For more information, please contact our team at [email protected].
About Schneider Downs Cybersecurity
The Schneider Downs cybersecurity practice consists of experts offering a comprehensive set of information technology security services, including penetration testing, intrusion prevention/detection review, ransomware security, vulnerability assessments and a robust digital forensics and incident response team. In addition, our Digital Forensics and Incident Response teams are available 24x7x365 at 1-800-993-8937 if you suspect or are experiencing a network incident of any kind.
To learn more, visit our dedicated Cybersecurity page.
Want to be in the know? Subscribe to our bi-weekly newsletter, Focus on Cybersecurity.
