Cybersecurity in Manufacturing: Why the Factory Floor Is Now the Front Line

October is Cybersecurity Awareness Month, but for manufacturers, it’s more than a calendar reminder. It’s a flashing red light.

In this three-part blog series for Cybersecurity Awareness Month, we’ll explore what these rising threats mean for manufacturers, their supply chains, and the future of AI-powered operations, starting with how the manufacturing shop floor is becoming a new cyber battleground.

Why Manufacturing Can’t Afford to Ignore Cyber Risk

In August this year, Jaguar Land Rover (JLR) was hit by a devastating cyberattack. Production lines across the UK, Slovakia, China, India, and Brazil went dark. Employees were sent home. Suppliers were locked out of core systems. For more than a week, the company hemorrhaged revenue and lost control of its supply chain. Industry experts estimate the shutdown will cost the company more than $62 million USD (£50 million) per week.

JLR is one of the world’s largest automakers. But in the wake of the attack, its Tier 2 and Tier 3 suppliers, many of whom were mid-sized manufacturers, were collateral damage. Some couldn’t access parts ordering systems. Others couldn’t fulfill contracts. One German supplier temporarily closed its Slovakia plant. A few are already warning of potential insolvency.

This isn’t a worst-case scenario. This is happening now.

 Manufacturing Tops the List of Cyberattack Targets Globally

For the third straight year, manufacturing is the most-attacked industry globally, according to IBM’s 2025 Cost of a Data Breach report. The average cost of a breach in the sector is $4.76 million and rising, with 15% tied to supply chain compromise.

Why are attackers targeting manufacturing?

Because it works. Turns out, manufacturing is uniquely vulnerable on several fronts:

• High operational urgency = Faster ransom payouts
• Legacy infrastructure = Weaker defenses
• Complex supply chains = Ripple effects
• Slim margins + downtime sensitivity = Leaders more likely to pay ransoms

These realities are especially acute for mid-market manufacturers, where the stakes are high, but the resources are limited.

When a Breach Hits the Floor, It’s Not Just IT’s Problem

Cybersecurity used to be about protecting data. Today, it’s about protecting operations.

The JLR breach affected not just files, but factory throughput. And it’s not a one-off event:

• Bridgestone, one of the world’s largest tire makers, also confirmed a cyberattack in September 2025 that impacted North American manufacturing operations.
• Earlier this year, Chinese cyber-espionage campaigns targeted Southeast Asian manufacturing and telecom infrastructure.
• According to Bitsight, manufacturing represented 22% of all known cyberattacks in the past year, more than any other sector.

In modern manufacturing, IT and OT are deeply intertwined. If your ERP, MES, or supplier portals go down, you lose more than visibility. You lose capacity. You lose customers. In other words, you lose control.

What Mid-Market Manufacturers Can and Must Do Now

1. Treat Cybersecurity as Operational Resilience
   Start with a mindset shift. Security isn’t a compliance box to check. It’s a business continuity plan. If your systems are offline, your shop floor is offline. Every manufacturer should have a defined, documented incident response plan.
2. Protect the Front Door
   People are your first line of defense, and often the weakest. Phishing, stolen credentials, and misconfigured access controls remain the top causes of manufacturing breaches. Enforcing key best practices strengthens your protective guardrails:

• Multi-factor authentication (MFA)
• Role-based access
• Ongoing employee security training

Even small measures go a long way.

3. Harden What You Depend On
   If your ERP, MES, or vendor portal is vulnerable, so is your entire operation. Prioritize strong defenses around your essential solutions:

• Cloud platforms with built-in encryption and real-time monitoring
• Vendors that offer 24/7 managed security services
• Regular patching and audit trails
• Securing factory protocols (e.g., Modbus, PROFINET) with encryption, segmentation, and traffic monitoring

Legacy systems can’t defend against modern threats.

4. Know Your Supply Chain Exposure
   Whether you’re the target or the domino that falls next, supply chain risk is real. Asess and document your readiness at every stage:

• Which suppliers can access your systems
• What systems you depend on from your upstream partners
• How fast you can respond if any key partners go offline

Because when a Tier 1 goes dark, like JLR, everyone downstream suffers.

How Epicor Helps Manufacturers Stay Secure

At Epicor, we embed cybersecurity into the fabric of our manufacturing platforms. It’s not an afterthought. Our enterprise-grade public cloud is designed to deliver security, continuity, and scalability:

• Secure Cloud ERP Infrastructure – Built on Microsoft Azure, our solutions inherit best-in-class physical and cloud protections.
• 24/7 Threat Monitoring & Response – Our Cloud Reliability Center operates around the clock to detect, respond to, and contain threats.
• Automatic Patch Management – We handle critical updates for you, eliminating a major source of vulnerability.
• Role-Based Access Controls – Aligns with your workflows to ensure that only the right people have access to sensitive systems and data.
• Security Compliance Support – Including CMMC, ISO, NIST, and regional manufacturing regulations.

For hybrid or on-premises environments, the Epicor Security Suite adds critical layers of defense:

• Modern Endpoint Protection – Powered by SonicWALL Capture Client with Managed Detection & Response (MDR), our 24x7 Security Operations Center (SOC) takes immediate action in the event of a breach, isolating the device, severing network connections, and alerting your team, even in the middle of the night.
• Managed Firewalls – Continuously updated and monitored by Epicor experts.
• Secure Disaster Recovery – Epicor Secure Backup keeps your data offsite and ready to restore quickly.

And with Epicor Acadia , incident response becomes actionable: your plan is centrally located, responsibilities are clearly assigned, and progress is tracked in real time, so when minutes matter, everyone knows what to do and when to do it.
We also partner with customers to assess their current cyber risk posture and create a roadmap to modernize with confidence.

The Factory Floor Is the Front Line

If you’re a mid-market manufacturer, you may not make the news like Jaguar Land Rover. But you’ll feel the consequences just the same, and sometimes even more acutely.

Cybersecurity isn’t just about protecting information. It’s about protecting your people, products, and promises. In 2025, this means treating the factory floor as a digital battleground and ensuring you’re not walking into it unarmed.

Resources and Next Steps

Not sure where to start? Let’s assess your current security posture and build a practical plan designed for your industry.

Dan Houdek

Sr. Director of Product Marketing

Dan Houdek helps organizations build lasting relationships with customers and partners, driving revenue and market share. With experience in marketing, sales, and operations, Dan has successfully led initiatives for top brands like Dell, Microsoft, and AMD, delivering impactful marketing strategies and innovative technology solutions. 

Read More by Dan Houdek