Lisa Caldwell
Commercial US Manufacturing and Automotive Industry Practice Leader
United States
Manufacturing has long been the backbone of the global economy, but today it faces an unprecedented and escalating cyber threat landscape. Manufacturing is a highly targeted industry for cyberattacks, as noted in the IBM X-Force 2026 report, driven by its interconnected supply chains, valuable intellectual property, and complex informational and operational systems.
As Falak Kothari, Marsh Risk Canada’s Manufacturing Industry Leader, notes, “manufacturing is one of the industries that hasn't had a sector-wide cybersecurity mandate, leading to slower investment historically,” which has contributed to its vulnerability.
As cyber risks evolve, they are no longer confined to isolated information technology (IT) systems. Instead, they increasingly blur the lines between information and operational technology (OT), creating systemic vulnerabilities that ripple across factories, suppliers, distributors, and customers — an effect seen in recent industry incidents with large auto manufacturers.
The stakes are high: cyber incidents can shut down production lines for weeks or months, resulting in millions or even billions of dollars in losses. This reality demands a fresh, data-driven approach to cyber risk management — one that integrates robust controls, comprehensive insurance, and continuous preparedness.
Manufacturing’s cyber risk profile is uniquely complex. Traditional silos between IT and OT are dissolving, exposing operational systems to threats that once targeted only corporate networks. Cyberattacks now frequently cause “abundance of caution” shutdowns, where organizations halt operations proactively to assess the event, even if OT systems are not directly compromised. These shutdowns, while protective, can themselves lead to significant losses.
Supply chain vulnerabilities compound the risk. Attackers exploit applications, including those accessed by third parties, moving laterally through interconnected networks to gain access.
As Matt Berninger, Marsh’s Principal Cyber Analyst, explains, “attackers know they can walk through multiple networks to get into victim networks.” He further emphasizes that “ransomware is about leverage; manufacturing is a high-leverage, high-downtime industry with disruptions that can halt production for extended periods, amplifying operational and financial impact and making it a prime target for attackers.”
The rise of AI further amplifies these risks, with employees often using AI tools without formal controls, creating new attack surfaces. Matt also warns, “errors and misconfigurations lead to a substantial amount of cyber events, especially as more systems move to the cloud and integrate AI.”
Moreover, “third-party connections are driving more ransomware events; attackers breach a central provider to impact thousands at once,” a tactic seen in high-profile campaigns like Clop and MOVEit in 2023. He adds, “identity supply chain is now the number one way attackers are getting in, not malware,” citing Unit 42’s Global Incident Response Report 2026 and underscoring the evolving nature of attack vectors.
Effective cyber risk management begins with understanding and quantifying risk. Marsh’s Cyber Risk Intelligence Center leverages a broad spectrum of data sources — from public incident reports to proprietary insurance claims and dark web monitoring — to build a comprehensive risk picture through a robust suite of cyber quantification tools.
Scott Stransky, leader of Marsh’s Cyber Risk Intelligence Center, highlights a striking data point: “if your organization was mentioned on the dark web, your chance of a cyber insurance loss more than doubles — from about 1.9% to nearly 5% within the next year.”
Public data, while accessible, is often biased toward large, publicly traded companies and English-speaking regions. Insurance claims data, however, offers a more unbiased and detailed view of actual losses, enabling more accurate modeling.
For example, Falak notes that "ransomware and resulting business interruption continue to be a top claims driver in manufacturing cyber risk."
Marsh’s cyber self-assessment tool is a practical starting point for manufacturers to benchmark their cybersecurity controls, quantify risk reduction, and prioritize investments. By correlating controls like multi-factor authentication and cybersecurity training with incident frequency, organizations can allocate budgets for maximum return on investment.
Not all cybersecurity controls are created equal. Data from Marsh reveals that certain controls may significantly reduce the likelihood of incidents. Multi-factor authentication, endpoint detection and response (EDR), network hardening, and especially cybersecurity training stand out as high-impact measures.
On the OT side, the importance of a well-developed and rigorously tested industrial control systems (ICS) incident response plan cannot be overstated.
Scott notes that “all five key OT controls studied in a recent Marsh analysis reduce cybersecurity incident likelihood by double-digit percentages,” demonstrating the tangible benefits of targeted controls.
Developing and testing an ICS incident response plan involves not just drafting the plan but conducting regular tabletop exercises that engage cross-functional teams and senior management to simulate real-world scenarios and identify vulnerabilities before a cyberattack occurs. However, Liz Limjuco, Marsh’s Cyber Industry Leader, points out a critical gap: “29% of organizations do not include senior management in tabletop exercises, missing critical planning and preparation,” and “19% hold tabletops less than annually,” which can leave organizations underprepared.
Continuous improvement and collaboration across IT, OT, risk management, and executive leadership are essential to building a resilient cyber defense posture.
As cyber threats intensify, more manufacturers are turning to cyber insurance as a critical component of their risk management strategy. Liz notes a clear trend: “Over the past two years, we’ve seen an increased uptake in purchasing insurance in the manufacturing industry.” This surge is driven by rising ransomware attacks and the costly business interruptions they cause.
Cyber insurance policies should be comprehensive, covering, at a minimum, IT, OT, and emerging technologies and the ensuing losses from a cyber-related event. Rather than viewing insurance as a separate silo, manufacturers are advised to integrate it with their broader cybersecurity and risk mitigation efforts. Insurance provides financial protection that complements controls and preparedness, helping organizations manage the total cost of cyber risk. Some clients have even “hired actuaries to build their own cyber risk models, correlating their views with Marsh's data,” according to Scott, reflecting a sophisticated approach to risk quantification.
Looking ahead, emerging technologies like quantum computing present new challenges. Quantum computers threaten to break current encryption standards, putting data in transit at risk. Matt advises manufacturers to “start with better visibility and inventory of what data you have, how you’re handling it, and how you’re transmitting it.” Preparing for post-quantum cryptographic standards today will ease the transition when quantum threats become more immediate.
Cyber risk management is not a one-time project but a continuous journey to understand, measure, and manage risk effectively. Regular tabletop exercises, involving senior leadership, are vital to maintaining readiness. Yet, as noted earlier, a significant portion of organizations exclude senior management from these exercises, representing missed opportunities to strengthen resilience.
Given the complexity of the risk landscape and the increase in cyberattacks impacting manufacturers, Lisa emphasizes that “now is the time to lay the foundation.”
Use these assessments to benchmark your controls, quantify your risk, and prioritize investments based on data-driven insights.
Understand your extended network dependencies and incorporate them into your risk management and tabletop exercises.
Engage cross-functional teams and senior management in regular tabletop exercises to prepare for OT-related cyber incidents.
Verify your policy covers IT, OT, and emerging risks, and update it as the landscape evolves.
Include executives in cyber preparedness activities to align risk management with business strategy and decision-making.
Inventory your data and stay informed about emerging trends to mitigate future risks.
By embracing a holistic, data-driven approach to cyber risk, you can better protect your operations, safeguard your supply chains, and secure your future in an increasingly digital world.
09/12/2025