The Gist
Manufacturers are innovating faster than ever—and so are the risks that come with it. LevelBlue’s 2025 Cyber Resilience in Manufacturing Report captures that tension: rapid digitization, expanding automation, and AI transforming how factories operate.
For leaders in the sector, the report surfaces three signals that deserve attention:
- A growing alignment between cybersecurity and operations
- The slow adoption of Zero Trust
- A widening confidence gap around AI
Each signal reflects a sector making real progress, but the story isn’t complete.
The data shows momentum, yet it also reveals blind spots in how manufacturers define and measure manufacturing cyber resilience. This analysis calls out where that definition falls short—and what leaders can do now to get ahead of the risks it misses.
Alignment Is Improving—But It’s Not Complete
One of LevelBlue’s more encouraging findings: 68% of manufacturers say cybersecurity is now aligned with business priorities. That’s real progress for a sector defined by the tension between uptime and security. Cyber resilience is maturing—patching, visibility, and recovery have all advanced, and security is being built into production workflows rather than bolted on after the fact.
But manufacturers—your job isn’t done.
That alignment still stops short of where the next wave of risk is building: finance.
At first glance, finance might not sound like a cybersecurity concern. But according to our 2025 Socially Engineered Fraud & Risk Report, it’s becoming exactly that. Among U.S. companies earning $1B or more, one in three experienced a fraud attempt that succeeded—or nearly succeeded—because of miscommunication between finance and security teams.
That disconnect created a massive gap that cybercriminals can exploit. Security can’t stop at the edge of IT—it has to extend into the financial ecosystem where supplier payments, purchase orders, and vendor onboarding happen every day. Because when attackers infiltrate this gap, organizations don’t just face data loss; they face massive financial losses as well.
Zero Trust Still Isn’t Mainstream
One of the more alarming statistics: only 34% of manufacturers are investing in Zero Trust strategies. LevelBlue called this out as a critical area for improvement—and we agree.
It suggests that for many manufacturers, resilience still means recovery—or how fast you can get back up after an attack, rather than prevention.
The next phase of manufacturing cyber resilience will come from continuous verification, not post-event investigation. Just as a Zero Trust model continuously validates user behavior in IT systems, which is the focus of the LevelBlue report, financial security also needs to continuously validate payment behavior.
That philosophy is becoming essential as manufacturing supply chains grow more digital—and more dependent on third-party relationships. As we noted in the Zipline manufacturing phishing attack analysis, attackers increasingly target the weak links between partners, not the networks themselves.
That lack of continuous verification is about to get even riskier. And LevelBlue’s next insight highlights why: the speed and scale of AI are exposing exactly where confidence is outpacing capability.
AI Is Transforming the Risk Equation
Another concerning statistic LevelBlue highlights is the widening confidence gap around AI: only 32% of manufacturers feel prepared for AI-powered threats, yet more than half rate themselves “highly competent.”
That contradiction matters. AI is now both the enabler and the equalizer. It helps factories automate workflows and streamline operations, while helping attackers automate deception with unprecedented precision. What used to take days of reconnaissance can now be done in seconds.
We’re already seeing what this looks like in practice: AI-generated vendor updates, near-perfect impersonations, and invoices that mirror legitimate supplier histories. Attackers blend authentic financial data with generative AI to create scams that feel entirely real—down to timing, tone, and context.
In our own report, respondents reported that the controls failing most often were email and messaging security (44.6%), employee awareness training (32.2%), and compromised third-party vendors (31.6%). These numbers reveal the same pattern: attackers are bypassing traditional IT and awareness defenses by exploiting operational trust—the relationships and handoffs that keep production and payments moving.
Trustmi’s Take
Manufacturing cyber resilience must expand beyond IT.
The next phase of manufacturing cyber resilience will be defined by how well organizations protect the processes that connect operations, finance, and suppliers—not just the systems that power them. In an era of hyperconnected supply chains, resilience now lives in the handoffs between teams, not just the networks between machines.
Here’s how we see it evolving:
- Visibility is the new control.
LevelBlue’s findings on software visibility have a parallel in payment workflows. We’re seeing that manufacturers can’t protect what they can’t see—whether it’s open-source code or vendor bank accounts. You can’t protect what you can’t see.
- AI is accelerating deception—and response must match its speed.
Fraud and compromise attempts now happen in minutes, not days. Just watch one one of our recent payment fraud demos with top ethical hackers. The most resilient manufacturers are replacing manual reviews with automated, behavior-based validation—tools that learn normal patterns and flag anomalies before money moves
- Finance is the missing link in most manufacturing cyber resilience plans.
Manufacturers have made real progress aligning cybersecurity with operations, but finance remains outside the loop. Our own survey shows that’s where fraud most often breaks through. Security has learned to speak the language of operations; the next step is learning the language of finance.
- True resilience is proactive, not reactive.
Legacy controls focus on recovery; modern resilience prevents disruption altogether—protecting uptime, working capital, and trust in one motion. In manufacturing, prevention is the new productivity.
LevelBlue’s research shows how the landscape is shifting. Trustmi’s 2025 Survey, which included a segment of leading manufacturing companies, offers even deeper insight into how organizations are strengthening their cyber resilience.
