Fortinet: How to Counter Cyber Threats in Manufacturing

Manufacturing, among other industries, is falling victim to advanced cyber attacks. 

The increase in cyber incidents is being driven by the growing trend among manufacturers to digitise production and connect a wider range of devices across operational technology (OT) networks.

Factory systems that were once isolated are now integrated with corporate IT environments, leaving industrial control systems exposed to cyber threats that can disrupt production and compromise safety.

Fortinet’s 2025 State of Operational Technology and Cybersecurity Report outlines how manufacturers are responding to this converging threat landscape by bringing OT security under executive oversight and adopting approaches that combine visibility, segmentation and AI-driven detection.

“The seventh instalment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organisations are taking OT security more seriously,” says Nirav Shah, Senior Vice President, Products and Solutions at Fortinet.

“We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organisations self-reporting increased rates of OT security maturity. Alongside these trends, we’re seeing a decrease in the impact of intrusions in organisations that prioritise OT security.

“Everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”

OT security moves into the boardroom

Fortinet’s research points to a cultural shift across industries that rely heavily on OT, with manufacturing in particular showing significant change.

According to Fortinet, more than half of organisations (52%) now say that the CISO or CSO holds direct responsibility for OT – up sharply from 16% in 2022.

When all C-suite roles involved in OT oversight are included, that figure rises to 95%.

This shift reflects the growing recognition of operational technology as a strategic risk area.

Connected devices, programmable logic controllers (PLCs) and SCADA systems now sit at the heart of digital transformation efforts, making cybersecurity a core element of business continuity.

“Responsibility for OT security continues to elevate within executive ranks,” Fortinet says in the report.

“As accountability continues to shift into executive leadership, OT security is elevated to a high-profile issue at the board level.”

Manufacturing: A shifting threat landscape

Manufacturing continues to be the most targeted sector for cyber attacks, representing around a quarter of all incidents globally. Statista reports that manufacturing experienced the highest number of cyber attacks in 2023, with 638 incidents recorded.

Separate Statista data shows that the average number of phishing attacks per user reached 2.91 in 2024, with manufacturing and construction seeing approximately 1.65 attacks per user.

Fortinet finds that threat actors are increasingly using ransomware and wiper malware, including Ekans and Industroyer2, to disrupt industrial operations and exert financial pressure. These attacks take advantage of the “flattened” architecture common in older OT environments, where minimal segmentation allows malware to move laterally between IT and operational systems.

Fortinet’s research indicates that organisations with more mature OT security experience fewer operational outages and revenue impacts, falling from 52% to 42% year on year.

Building resilience depends on adopting best practices. The report shows that manufacturers applying basic cyber hygiene, user awareness and threat intelligence have significantly reduced business email compromise.

Efficiency also improves when vendors are consolidated into integrated OT security platforms, with some organisations reporting up to a 93% reduction in cyber incidents compared to flat networks and sevenfold improvements in triage and setup times.

Best practices for OT security

Manufacturers can strengthen OT defences against the growing risks of IT-OT convergence by applying Fortinet’s proven strategies outlined in the report.

These six recommendations focus on maintaining uptime for PLCs, SCADA and HMIs while reducing risk:

1. Implement strong network segmentation: Isolate critical industrial systems from corporate IT using ISA/IEC 62443 zones – FortiGate Rugged Firewalls thrive in factory conditions, blocking lateral movement from ransomware like Ekans.
2. Apply strategic patching and updates: Schedule non-disruptive patches during maintenance windows for legacy hardware lacking native security. Balance vulnerability fixes with production continuity to avoid costly downtime.
3. Enable continuous real-time monitoring: Deploy anomaly detection for protocol misuse and irregular controller patterns. FortiNDR provides AI-driven visibility, spotting threats before they halt assembly lines.
4. Establish clear governance frameworks: Align cybersecurity with safety and compliance standards, reflecting C-suite OT oversight. Ensure executive accountability drives resource allocation.
5. Foster cross-team collaboration: Unite IT, OT and security via FortiSIEM for shared playbooks and unified monitoring. This bridges silos, accelerating incident response in converged environments.
6. Invest in OT-specific training programmes: Train factory staff on industrial phishing and errors. Pair with FortiGuard OT Threat Intelligence for ICS-focused feeds, reducing human error in high-stakes operations.

Manufacturing’s limited tolerance for downtime makes it an attractive target for cyber threats. However, Fortinet's data demonstrates the value of proactive approaches and shows that they deliver results.

As threats continue to evolve, executive commitment and integrated platforms such as Fortinet’s enable organisations to safeguard production, intellectual property and safety as smart factories continue to expand.