Locking doors in industrial cybersecurity by Patrik Tikka
No industry is safe from the growing threat of cybercrime, but the manufacturing sector is taking the hardest hit. It has experienced the most dramatic rise in the financial fallout from data breaches, with an average increase of $830,000 per year. The problem becomes even more critical when you consider that downtime is one of the most expensive results of a cyber incident. A recent ABB survey found that unexpected outages can reach nearly $125,000 in losses for every hour they persist. It’s proof that the ability to recover from cyberattacks must be a central focus of any cyber‑resilience plan.

As manufacturing plants and infrastructure become increasingly digitized, the once-clear boundary between information technology (IT) and operational technology (OT) is fading. The battlefield now spans the entire organization, not just data centers or control rooms. Staying ahead requires knowing the risks, guarding against them, and keeping defenses sharp through regular reviews and tests.
A chain is only as strong as its weakest link
Given today’s hyperconnected factories, attackers don’t need to compromise an entire system. Identifying and breaching a single weak spot can be enough to infiltrate a plant. That’s why the traditional approach of relying on a fortified perimeter is falling out of step with modern threats. Firewalls alone can’t fully defend a mesh of interconnected devices and networks.
Real resilience now demands security embedded into the equipment itself. Take industrial variable speed drives (VSDs) as an example. These devices occupy the intersection between the physical and the digital, responsible for motor control while sharing data across systems. If left unprotected, cybercriminals could manipulate them to disrupt production lines, damage equipment, or access the broader plant network.
This is where ‘secure-by-design’ technology, a foundational approach to drive development, plays a fundamental role. By building in protections from the start, rather than bolting them on post-deployment, drives can serve as a first line of defense. The same philosophy must apply across all machinery to ensure robust end-to-end cybersecurity.
The illusion of total safety
Too many stakeholders within industrial cybersecurity still believe that enough spending can eliminate all risk. The reality is less comforting, as no system is ever completely secure. Some level of vulnerability will always remain. The challenge lies in finding the right balance between the cost of prevention and the potential cost of a breach.
Consider downtime on a production line. Replacing a damaged motor is expensive, but production halted for hours can easily double that expense. Similarly, the recent digital disruption at Heathrow that froze check-in and baggage drop, and stranded tens of thousands of passengers at terminals, shows how quickly technical issues cascade into major losses. The goal isn’t perfection; it’s proportionality.
That’s why businesses must treat cybersecurity as a strategic priority, not something confined to one department. Effective defense relies on informed risk assessment and cost-benefit analysis, resulting in a clear-eyed understanding of how best to balance protection and the risks at stake.
People, the wild card in the mix
Technology aside, human behavior remains one of the most unpredictable factors in any security model. Many breaches don’t stem from complex exploits but from a simple yet carefully crafted email. All it takes is one well-meaning employee clicking the wrong link to open the floodgates.
Cultivating a culture of cyber awareness is just as vital as implementing technical safeguards. Routine training sessions, phishing simulations, and organization-wide practice drills, applying to everyone from interns to senior executives, turn preparedness into second nature. Cybersecurity should be treated less as a siloed function and more like a fire drill – something practiced regularly until the correct response becomes instinctual.

Adapting to an ever-changing threat
Cybersecurity resilience isn’t a finish line to cross; it’s an ongoing pursuit. Malicious actors evolve, and regulations tighten. For instance, the EU’s upcoming Cyber Resilience Act will urge manufacturers to integrate baseline protections into a device’s design and address vulnerabilities across its entire lifecycle.
The future of resilient industry hinges on a multi-layered approach: secure design at the component level, adherence to international standards, and an embedded culture of vigilance. Drives may serve as a practical starting point, but there’s a broader lesson to be learnt. Long-term resilience depends on protecting even the most inconspicuous assets when it makes sense, because a single weak point could put the entire system at risk.
Patrik Tikka
Patrik Tikka is Product Market Manager at ABB, a global technology leader in electrification and automation. By connecting its engineering and digitalization expertise, ABB helps industries run at high performance, while becoming more efficient, productive and sustainable so they outperform. ABB calls this ‘Engineered to Outrun’. The company has over 140 years of history and around 110,000 employees worldwide.
