Top cybersecurity issues for manufacturers as digital transformation accelerates

Rebounding U.S. manufacturing activity in recent months, continued margin pressure and the increasing delivery of smart products to customers are all likely drivers of increased technology deployment for industrial companies. Some of these technologies will range from automated production and data-informed factory floors to digital twins and smart products. As technology becomes an increasingly critical piece of business operations and revenue generation for manufacturers, it cements cybersecurity as an important core business issue, rather than primarily a back-office concern.

Digital identity is one area that middle market manufacturers may need to strengthen to enable better cybersecurity and manage the evolving threat landscape. In a recent survey of middle market executives across all industries (not just manufacturing), 46% of those at companies with $30 million to $250 million in annual revenue said their business uses a centralized identity and access management system with support for multifactor authentication, according to the RSM US Middle Market Business Index Special Report: Cybersecurity 2026. That share was 53% for organizations with revenue of $1 billion to $10 billion.

“Digital identity is shifting from what it was several years ago, when companies were focused on having strong passwords and controlling access to traditional systems,” says David Carter, a director and industrials senior analyst at RSM US LLP. “It’s getting more complex as companies adopt more cloud solutions, and there are identity tools that enable companies to better protect themselves.”

Addressing cyber vulnerabilities is much more than a risk issue; it’s also a competitive imperative, given that 81% of respondents across all industries plan to increase their cybersecurity budget this year, according to RSM’s report.

Here are three critical factors shaping the cybersecurity landscape for manufacturers:

1. Rising technology adoption vs. legacy operations

Manufacturers don't often hold volumes of sensitive personal information like financial services and health care companies do, yet industrial companies continue to be a top target for cyberattacks. Why? Growing reliance on technology from the office to the shop floor has increased the ability of ransomware to disrupt operations without corresponding growth in security budgets. Production environments that depend on interconnected systems are particularly vulnerable, because downtime can halt operations entirely.

“Attacks like ransomware are so much more impactful today because manufacturers are much more dependent on technology than they were several years ago,” Carter says. “Companies need to develop security processes that account for those more modern operations."

2. Smart products create new exposure and requirements

Another growing challenge is the shift from traditional products to smart, connected products and offerings. Manufacturers increasingly find themselves managing software, data flows and customer connectivity.

“We continue to see more manufacturing companies that make traditional, physical products introducing smart products and smart services,” Carter says. “They’re becoming more technology-centric companies, but they may not think of themselves as technology companies.”

This transition introduces new risks, including software vulnerabilities, data privacy concerns and reputational damage if customer-facing products are compromised. Manufacturers may need to assess whether security architecture has been fully embedded into product development processes.

The increasing intelligence of products and services, along with attention on supply chain risks, also has manufacturers fielding a variety of customer security requirements and questionnaires (e.g., Cybersecurity Maturity Model Certification requirements in the defense supply chain and IEC 62443 standards in product security). This makes cybersecurity compliance an important enabler of revenue growth.

3. Scaling capacity without overextending

Manufacturers supporting data center build-outs and infrastructure expansion face a third challenge: scaling production quickly while managing capital risk. Tools such as digital twin simulations can help optimize capacity and deliver more efficiently, but businesses need to deploy those tools securely to avoid creating new attack surfaces.

As manufacturers seek to further leverage digital twins, artificial intelligence and other modern tools, the need for more and better data will increase connectivity across enterprise systems and industrial systems, making cybersecurity more critical. Managing this interconnectivity requires disciplined governance over third-party risks, clear data ownership standards and cybersecurity controls that scale with more data-intensive operations.

How manufacturers can address these challenges

Focusing on foundational controls and aligning security investments with business strategies can help manufacturers significantly reduce cybersecurity risk.

Practical steps manufacturers can take include:

Cybersecurity will help enable manufacturers’ success when it is aligned with operational goals and built into transformation initiatives from the start. Working with a third-party advisor on the actions above can help manufacturers manage risk and boost their cybersecurity resilience.