EDITOR’ S QUESTION
MIKE BRITTON, CIO, ABNORMAL SECURITY
The manufacturing sector is vulnerable to sophisticated cyberthreats, with cybercriminals focusing their efforts on exploiting supply chains and critical systems. Email continues to be one of the primary ways that attackers target this sector – In 2024, manufacturers faced a 79 % weekly risk of vendor email compromise( VEC), where attackers exploited weak points in vendor communications. Ransomware remains a significant threat, with 65 % of all industrial ransomware incidents targeting the sector, threatening manufacturers with disruptions to production and supply chains.
The best way an organisation can protect against advanced attacks facing the sector lies with a layered security strategy. This starts with security awareness training for end-users. Employees are a key line of defence and need to be able to identify the hallmarks
AI could detect anomalous behaviour that may indicate an attack.
of an email attack, such as urgent requests for sensitive information, poor spelling and grammar, or malicious links.
Organisations must prioritise training sessions that cover the mechanics of email attacks and the importance of vigilance. Simulated phishing exercises can be particularly effective to provide practical experience in identifying and responding to deceptive emails. It’ s also critical to have clear processes in place that ensure users actively report suspicious emails.
With Generative-AI making social engineering attacks more sophisticated and harder to detect, the increased threats facing manufacturing means that employee awareness alone is insufficient, and additional technology-based email security tools are vital. However, traditional security solutions like secure email gateways, which rely on static and known-bad indicators of compromise, are no longer enough.
Instead, manufacturers should consider cloudnative security platforms that incorporate AI-driven defences. Instead of looking for pre-determined or known indicators of compromise, like malicious links or bad sender domains, solutions that leverage AI models can instead look for anomalies outside the norm. By baselining normal behaviour across the email environment – including typical user-specific communication patterns, styles and relationships – AI could detect anomalous behaviour that may indicate an attack.
Automation plays a key role by auto-remediating any emails deemed malicious, which reduces the burden on security teams and allows them to focus on higher-priority threats while AI handles routine risk assessments and threat mitigation.
CISOs in the manufacturing sector must move beyond traditional defences and adopt proactive, AI-driven solutions. Tools which offer real-time threat detection and automated remediation can enable manufacturers to protect critical systems and maintain operational efficiency without compromise. The future of smart manufacturing will rely on resilient cybersecurity strategies that can adapt to this fastmoving threat landscape.
32 INTELLIGENTCIO EUROPE www. intelligentcio. com