Uniting Teams to Strengthen Ransomware Resilience

Advancements in hacker tactics are placing pressure on new areas of the enterprise.


Verizon’s 2025 Data Breach Investigations Report (DBIR) finds that within the manufacturing industry, ransomware attacks increased by 37 percent last year and played a role in 44 percent of all breaches. We should brace for continued escalation this year, given a recent warning of sophisticated phishing campaigns designed to deliver custom malware to “supply chain-critical manufacturing companies.”

Attackers are also doubling down on other entry points. A new FBI alert warns of threat actors seeking to bring down industrial control systems by exploiting thousands of end-of-life networking devices with unpatched vulnerabilities. Scanning attacks that are used to conduct reconnaissance and find exploitable security flaws within Internet of Things (IoT) devices and network routers increased by 91 percent in 2024.

Manufacturers are feeling the pain of being in the crosshairs. According to IBM’s annual Cost of a Data Breach Report 2025, the industrial sector, which includes manufacturing companies, recorded the third highest average breach cost at $5 million, driven in part by business disruption and revenue losses due to downtime.

While the cost of downtime is a primary concern, manufacturers are also feeling pressure to navigate and meet various regulatory and compliance standards. The NIST Cybersecurity Framework has been a standard for decades and is continually updated, IEC 62443 is increasingly a focus for OT environments, NIS2 raises the stakes for supply chain security, and the new Cyber Resilience Act (CRA) sets standards for manufacturers of digital products to be sold in the European Union. And this list just scratches the surface.

Challenges From Within

The reality within modern manufacturing environments adds further challenges. Manufacturing infrastructure is among the most complex to protect for several reasons:

  • It consists of operational technology (OT) networks and Industrial Internet of Things (IIoT) devices that are connected to IT networks and out to the Internet.
  • It comprises a diverse range of device types from different vendors, and with different levels of security built in.
  • Some devices are new, others are legacy systems, and they have widely varying lifecycles.

Beyond the technical complexity, an additional blocker has been the human element. Responsibility for infrastructure is divided between two different teams with two different mandates.

  • Traditionally, IT leadership has a mandate to build, support, maintain, and keep network infrastructure available. Network engineers develop expertise in specific device types, and their success depends on their ability to ensure system uptime and reliability.
  • Security leadership has a mandate to detect and prevent breaches. They are focused on threats to the organization and hardening systems, so patching and upgrades are prioritized. With cyber risk being part of governance, risk, and compliance (GRC) programs, they are also increasingly aligned with auditing and compliance, which creates additional friction between the two teams.

Different mandates put network and security teams at odds, as they work independently with little understanding that they share the same goal: strengthening network cyber resilience.

Let’s take vulnerability management as an example.

As part of audits, security teams run scans to check for compliance and throw any vulnerabilities that surface over the fence to the network team to address. Scanning can negatively impact network performance, and it typically generates a significant number of false positives because many manufacturing assets aren’t recognized.

Additionally, legacy OT assets can have life spans of decades, which presents unique challenges when it comes to proactively addressing risk. Not all vulnerabilities are created equal. And the reality is that there aren’t enough hours in the day to validate results, much less patch or manage upgrades for assets that are approaching end of life.

Manual labor has been the last remaining barrier to success.

Collaborating Against a Common Enemy with AI and Automation

Senior decision-makers at manufacturing organizations say they see strategic advantage in converged network and security solutions that enhance security and resilience, while reducing IT workloads.

Ransomware is a common enemy as it affects uptime and security. Therefore, it makes sense to search for a converged solution. Vulnerability intelligence in the manufacturing environment is an opportunity for network and security teams to be on the same page. Here’s how.

There’s a mountain of work involved in correlating CVEs to the device manufacturer, device type, device version, and firmware version. And then network teams still lack the context to understand if the CVE is being actively exploited and if it is a high priority for teams to address. What’s more, CVEs are just one source of vulnerabilities. Teams also need to track information from device vendors, websites, and other sources.

Enter AI and automation. According to Gartner, by 2026, 30 percent of enterprises will automate more than half of their network activities, tripling their automation efforts from mid-2023. Additionally, 50 percent of enterprises will use AI functions to automate Day 2 network operations. AI enhances automation by significantly speeding up iteration, learning, and problem-solving processes.

Solutions that leverage AI and automation to track vulnerabilities from various sources and score vulnerabilities with context help prioritize remediation. This approach enables teams to automate remediation or determine if a workaround, such as a configuration change, is available and deploy it. Automation can also close the loop by validating that vulnerabilities are remediated correctly.
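The correlation and context-based scoring described above can be sketched in a few lines. This is an added example, not code from the article or from any product: the device names, advisory identifiers, sample data, and scoring weights are all constructed assumptions.

```python
from collections import namedtuple

# firmware is a version tuple; end_of_life means no further firmware will be installed (assumption)
Device = namedtuple("Device", "name vendor model firmware end_of_life")
# ident is a placeholder, not a real CVE; fixed_in is the first fixed firmware, None if no fix exists
Advisory = namedtuple("Advisory", "ident vendor model fixed_in severity exploited workaround")

def affected(dev, adv):
    # Correlate on vendor and model, then compare installed firmware to the fixed release.
    if (dev.vendor, dev.model) != (adv.vendor, adv.model):
        return False
    return adv.fixed_in is None or dev.firmware < adv.fixed_in

def priority(dev, adv):
    # Base severity plus context; the weights are illustrative assumptions.
    score = adv.severity
    if adv.exploited:
        score += 5          # active exploitation outranks raw severity
    if dev.end_of_life or adv.fixed_in is None:
        score += 2          # no patch path, so exposure persists
    return score

def action(dev, adv):
    # Prefer a firmware fix; fall back to a workaround, then to containment.
    if adv.fixed_in is not None and not dev.end_of_life:
        return "upgrade firmware"
    return "apply workaround" if adv.workaround else "isolate or replace"

def triage(inventory, advisories):
    # Rows of (priority, device, advisory, action), highest priority first.
    rows = [(priority(d, a), d.name, a.ident, action(d, a))
            for d in inventory for a in advisories if affected(d, a)]
    return sorted(rows, key=lambda r: (-r[0], r[1], r[2]))

# Constructed sample data
INVENTORY = [
    Device("plc-line1", "ExampleCo", "PLC-100", (2, 4, 1), False),
    Device("plc-line2", "ExampleCo", "PLC-100", (3, 0, 0), False),  # already on fixed release
    Device("rtr-edge", "ExampleNet", "R-20", (1, 0, 9), True),
]
ADVISORIES = [
    Advisory("ADV-EXAMPLE-1", "ExampleCo", "PLC-100", (3, 0, 0), 9.1, False, False),
    Advisory("ADV-EXAMPLE-2", "ExampleNet", "R-20", None, 7.5, True, True),
]

if __name__ == "__main__":
    for row in triage(INVENTORY, ADVISORIES):
        print(row)
```

Re-running `affected()` against the updated inventory after a remediation window is the validation step: a device that still matches was not actually fixed.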

Compliance with the Center for Internet Security (CIS) Benchmarks, which align with essential industry regulations, establishes a healthy posture that helps teams stay ahead of many vulnerabilities. When teams automate compliance checks to run regularly, they can remediate during windows that work best for their manufacturing operations and proactively mitigate risk.

Building resilience means being able to detect issues quickly, contain them before they cause significant impact, and recover operations quickly with minimal disruption. When teams collaborate, they can turn the page on ransomware and other threats to uptime.
