Skip to content
info@torosolutions.co.uk

+44 (0) 208 132 9267


Toro Insights

Manufacturing Security in 2025 - Why a converged approach is critical

HQ
Toggle
  1. Blog
  2. Manufacturing Security in 2025 - Why a converged approach is critical

Modern manufacturing is increasingly digital, fast-moving, and exposed to a wider range of security risks than ever before. From supply chain disruption to insider threats, from cyberattacks to physical breaches, manufacturers are now operating in an environment where traditional security boundaries no longer apply.

Despite this shift, many manufacturers still treat cyber and physical security as separate disciplines. This leaves them exposed to gaps in coverage, inconsistencies in response, and a lack of clear ownership during incidents.

In 2025, it is essential for manufacturers to adopt a converged approach to security. That means thinking holistically about risks, integrating cyber and physical security and designing resilience into operations from the ground up.

This article sets out the problem manufacturers face today and lays out a practical path to strengthen business resilience and compliance.

The Problem - An expanded risk landscape and siloed responses

1) Increased exposure to cyber threats

The manufacturing industry is under pressure, with cyber-attacks increasing by 300%[1] since 2019. In the first quarter of 2025 alone, ransomware attacks against manufacturers rose by 102%, with more than 50 known threat groups actively targeting the sector[2].

Manufacturers have become a prime target not only for their valuable intellectual property but also because of their heavy reliance on both IT and OT systems. Downtime can be extremely costly, and attackers are taking advantage of outdated infrastructure, unpatched devices, and limited maintenance windows. Many facilities are still using legacy systems without proper safeguards, creating easy entry points for cyber criminals.

The impact of an attack goes far beyond stolen data. It can halt production, damage equipment, damage a company’s reputation, lead to lost business, and even pose safety risks. Worryingly, attacks on supply chains are rising sharply. One study found a 50% increase, highlighting just how vulnerable interconnected operations have become and how quickly that risk is growing.[3]

2) Persistent physical security challenges

Whilst cyber threats have grown, physical security has not become any less relevant. In fact, it is often the physical world that opens the door to a cyber-attack.

Theft, vandalism, trespass, and sabotage continue to affect sites across the UK.

Activist and protest groups increasingly target specific industries and facilities, leading to business disruption or reputational risk.

Insider threats including disgruntled staff, negligent employees, or poorly vetted third-party contractors are now one of the leading contributors to both cyber and physical incidents.

In many organisations, physical security measures are in place but operate in isolation. CCTV, door access, guards and visitor logs may not be connected to digital monitoring systems, are poorly maintained, or reviewed in line with cyber threat intelligence.

3) A fragmented view of risk

Perhaps the most significant issue is not individual risks, but how they are managed. Most manufacturers still operate with separate teams, tools, and reporting lines for cyber and physical security. This creates several common weaknesses:

  • Gaps in coverage where no one is responsible for a hybrid threat (e.g. physical access used to deliver a cyber-attack).
  • Slower response times due to unclear ownership or lack of shared visibility.
  • Misalignment between security planning and wider operational or compliance strategies.

And critically people are often overlooked in this siloed model. Security awareness, insider threat management, and behavioural insights are often still low on the priority list despite being central to risk mitigation.

The result is a fragmented and reactive model of security one that fails to match the nature of the threats being faced.

The Solution - Converged Security

A converged security approach does not mean doing more or spending more. It means being smarter, more joined up and optimising what is already in place. It is about ensuring cyber and physical safeguards work together, rather than in parallel.

Below are six core principles manufacturers can adopt to achieve this.

1) Create a unified picture of risk

Start by mapping the risks that matter across both cyber and physical environments.

Combine security risk assessments into a single process covering buildings, systems, data, supply chain, and people behaviours.

Identify where vulnerabilities overlap, such as access control, credential management, or staff behaviours.

Prioritise risks not just by likelihood, but by operational impact for e.g. what would stop production or breach regulation?

This forms the basis for any effective risk mitigation or improvement roadmap.

2) Integrate security systems and processes

Integration does not always require new technology. In many cases, it means configuring what already exists to work together.

Buildings security systems are often reliant on IT infrastructure but are not always governed by the same controls often leaving them exposed to cyber threats. Adopt cyber controls to all systems to ensure a robust defence to cyber threats.

Use CCTV and smart monitoring to support both safety and threat detection.

Develop incident response playbooks that reflect combined threat scenarios.

For example, if a staff member accesses a sensitive area at night and connects an unauthorised device, that should trigger a coordinated alert across physical and cyber systems.

3) Encourage collaboration between teams

Organisational culture plays a key role in convergence. Many manufacturers operate with different reporting lines for IT security, facilities, and operations each with their own tools, language, and priorities.

Bring security, IT, and facilities teams together for shared planning and exercises.

Develop joint KPI’s and reports that focus on outcomes like time to respond or risk reduction, not just individual tool performance.

Ensure there is clear ownership for hybrid scenarios whether that is centralised in a converged security function or coordinated through structured processes.

Ensure that HR, legal, and training functions are also included, especially when tackling insider threats or setting policies that rely on staff compliance.

This also helps avoid duplicated efforts, missed insights, and conflicting messages to leadership.

4) Focus on resilience

Security is not just about preventing incidents, but ensuring the business can respond and recover.

Build continuity planning around likely threat scenarios, including both cyber and physical disruptions.

Identify critical assets and processes from access to buildings to availability of production data and ensure there are tested safeguards in place. Understand what is required to restore safe operations following an incident.

Manufacturing resilience is about maintaining output and safety even in the face of disruption. Security has a direct role to play in this.

5) Embed security in design

Converged security is most effective when considered at the earliest stage whether planning a site refurbishment, onboarding a supplier, or selecting new technology.

Use security standards such as ISO 27001 (information security) as a framework can help. Apply principles of Zero Trust across systems and sites - no implicit access, continuous verification, and clear audit trails.

Involve both cyber and physical perspectives in procurement processes and project planning. This not only avoids introducing new vulnerabilities but often delivers cost savings and compliance benefits at the same time.

6) Upskill your teams and build awareness

In 2025, human error remains a key vulnerability contributing to 95% of data breaches.[4] That’s why security must be treated as a shared responsibility across the entire organisation. Everyone across your business should understand how their actions affect security, and what the process is to report concerns.

Provide training tailored to different roles from floor staff to executives. Run joint tabletop exercises for cyber and physical incidents. The training you deliver is only effective if you test, test and test again.

Equip facilities and IT managers with enough knowledge to spot and report issues outside their normal remit. Where possible, invest in core skills that can bridge domains such as threat intelligence, risk assessment, or incident management.

Final Thoughts - A strategic shift for 2025

Security in manufacturing has changed. The threats are now more blended, the stakes higher, and the lines between cyber and physical more blurred. But that also creates a unique opportunity.

By converging security around risk, resilience, and business outcomes, manufacturers can improve protection, simplify compliance, and unlock efficiencies. This is not just about defending your business from threats it is about enabling it to operate with confidence.

To find out more about how Toro can help you on this journey to resilience please get in touch with the team info@torosolutions.co.uk.

 

[1] https://re-solution.co.uk/security-in-manufacturing-protecting-facilities/

[2] https://www.smartindustry.com/benefits-of-transformation/cybersecurity/article/55280831/leading-cyberattack-against-manufacturing-sets-record-in-q1

[3] https://securitybrief.co.uk/story/cyber-threats-rising-in-manufacturing-sector-study-warns#:~:text=The%20study%20indicates%20a%2050,rise%20to%2030%25%20in%202024 

[4] https://priorityoneit.co.uk/the-state-of-human-risk-2025-a-paradigm-shift-in-cybersecurity/