Factories of the future, targets of today: How cybersecurity must safely enable industry 4.0

The Fourth Industrial Revolution is here, completely reshaping how manufacturers around the world design, produce and deliver. From predictive maintenance and cloud-connected robotics to AI analytics and digital twins, the smart factory is no longer a vision of the future but a reality of the present.

And the pace of transformation is breathtaking. By 2026, 15 billion new and legacy industrial devices are expected to be 5G-connected, and the use of operational technology (OT) assets is projected to grow 400% by 2030.  

McKinsey sees this as a new era of manufacturing efficiency – boosting labour productivity by 30 percent and slashing machine downtime by 50 percent, all while controlling costs and improving safety.

However, all this digital progress comes with risk. Every connected asset adds a potential vulnerability, expanding the attack surface and making cybersecurity more critical than ever. So smart factories demand smarter security, and this means tackling a new set of unique challenges. 

Challenge 1: IT vs OT – New meets old

IT and OT systems were never designed to work together but with major operational benefits presented by 5G connectivity, this has become essential. However, poor convergence between these systems holds significant implications for organisations.

Legacy OT systems have traditionally been protected from cyber threats by air gaps. Now connected to the cloud and IT environments, they are exposed like never before. 

IT systems, on the other hand, have the built-in security features that OT systems do not yet possess. And while they have the management and segmentation capabilities, they often lack the visibility into physical processes. This disconnect is a hacker’s dream. 

Many OT devices were not designed with security in mind, making them attractive entry points for attackers looking to gain access to the network. Therefore, OT systems require security evaluations before being paired with IT systems. 

Challenge 2: From digital to physical risk

According to  Comparitech, ransomware attacks have disrupted operations at over 850 manufacturing organisations worldwide between 2018 – 2024, with each day of downtime costing an average of $1.9m. However, weak  security – especially within OT assets – doesn’t just impact systems data and balance sheets, it can endanger physical assets and more importantly, human lives. 

A tragic example of how compromised assets could do real-world harm was seen in South Korea in 2023, when a worker was fatally crushed by a robot after it failed to distinguish him from boxes. This incident underscores the very real, physical dangers of compromised automation. 

Challenge 3: Business continuity

More than most other businesses, time is money in manufacturing. It’s an always-on operation, so every minute of machine breakdown or disruption to plant production can equate to millions in lost revenues or business costs.     

In 2024, the US arm of global vodka manufacturer, Stoli Group, suffered a catastrophic ransomware attack, disabling the company’s primary system for tracking resources and forcing essential functions such as accounting into manual entry mode. 

The attack severely limited its ability to conduct normal operations and was cited as a key contributing factor for its eventual bankruptcy in December 2024. 

Challenge 4: Regulation is raising the stakes 

Since October 2024, the EU’s NIS2 Directive has mandated new safety standards and stricter cybersecurity measures across sectors deemed critical, including manufacturing.

This means compliance can no longer be seen as optional. Executives are now directly accountable for breaches and failures, with legal, financial and reputational costs on the line. 

The solution: Securing smarter manufacturing starts with a smarter approach 

It’s time for cybersecurity to move from the periphery of a manufacturing strategy to its core. This requires taking a proactive, multi-layered approach, which includes:

• End-to-end visibility: Modern security platforms must protect against the entire environment, from core infrastructure to remote endpoints, with firewalls that learn and evolve to meet zero-day threats. The smart factory needs an end-to-end platform-approach to ensure no crucial security blindspots are missed.
• AI-driven speed and scale: Leveraging automation to faster detect advanced threats, process alerts and respond in real-time will allow manufacturers to stay ahead of sophisticated attacks before they paralyse –production. There is also the guarantee of increased threat visibility through deep learning capabilities and remote access, which helps to secure cloud infrastructure and boost company-wide knowledge of suitable AI tools.
• True IT/OT collaboration: Manufacturing cyber success depends on breaking down silos between IT and OT teams. Fostering collaboration to build an understanding of each other’s needs and roles is key to achieving successful and secure IT/OT convergence. And Palo Alto Networks’ Industrial OT Security can help by providing comprehensive visibility, zero-trust security and simplified operations to leverage existing infrastructure. It not only gives organisations the opportunity to deploy solutions in less time, but prevents any crossover of IT/ OT systems.

Conclusion

What’s needed is a shift in mindset: cybersecurity isn’t a cost of doing business, it’s a competitive advantage. Manufacturers that build security into their Industry 4.0 plans on day one will be far better positioned to unlock the value of this transformation.

In a world of rising threats and tightening regulations, smart manufacturers can no longer afford to treat security as an afterthought but tackle it head-on.