This article is part of:Centre for Cybersecurity

• Leading manufacturers treat cybersecurity as an essential part of their business culture, not just an IT concern.
• Proactively designing cybersecurity into every layer of their operations from the outset is a key objective in mitigating cyberattacks.
• The Centre for Cybersecurity partnered with the Global Lighthouse Network to create awareness about cybersecurity and understand their security measures.

Leading manufacturers view cybersecurity as a core element of business culture – not just an IT issue. By embedding cybersecurity into every layer of their operations from the start, they proactively reduce exposure to cyberthreats.

To raise awareness and assess cybersecurity practices, the Centre for Cybersecurity partnered with the Global Lighthouse Network. As digital transformation reshapes manufacturing, global lighthouses are achieving remarkable gains in productivity and sustainability. Yet, this transformation remains complex, influenced by technological, operational, organizational and external challenges.

Just-in-time operations add further pressure, requiring seamless integration, zero downtime and instant data access. Consequently, digital transformation extends well beyond the factory floor to suppliers, logistics providers and customers. However, a lack of standardized protocols across the supply chain continues to hinder end-to-end visibility.

The manufacturing sector is still in the early stages of building a culture of cyber resilience, according to the World Economic Forum’s Global Cybersecurity Outlook 2025. Yet, increased connectivity through the Industrial Internet of Things (IIoT), cloud platforms and smart factory technologies expands the cyberattack surface.

At the same time, the manufacturing industry continues to rely on numerous legacy systems that were not built with cybersecurity in mind, leaving them especially vulnerable to breaches.

Achieving seamless interoperability between operational technology (OT) and information technology (IT) also remains a major challenge but aligning these domains is critical to maintaining the responsiveness and efficiency that just-in-time operations require.

In response to the growing cybersecurity challenges facing the manufacturing sector, the World Economic Forum’s Centre for Cybersecurity launched the Cyber Resilience in Manufacturing initiative in 2023, bringing together a community of manufacturers with a shared vision – enhancing cybersecurity and embedding resilience into the fabric of manufacturing operations.

This initiative developed a comprehensive framework titled Building a Culture of Cyber Resilience in Manufacturing, setting out three guiding principles to drive cyber resilience across manufacturing, offering an actionable roadmap for manufacturers aiming to build stronger defences against cyberattacks:

• Make cyber resilience a business priority
• Drive cyber resilience by design
• Engage and manage ecosystems

The Centre for Cybersecurity then partnered with the Global Lighthouse Network – a community of 189 of the world’s most advanced technology-driven manufacturing sites – working with various Lighthouses to create awareness about cybersecurity and understand the measures they take in their manufacturing sites to ensure cyber resilience.

During Wave 12, we surveyed the Lighthouses to understand how they drive cyber resilience along the three guiding principles mentioned.

Based on insights from over 20 operational sites transformed into Lighthouses, here are some key findings on what leading manufacturers are doing in cybersecurity.

Making cyber resilience a business priority

Lighthouses are embedding cyber resilience into their culture by:

• Promoting responsibility models at every level of the organization: Foster organization-wide alignment and resilience by embedding shared cybersecurity responsibility across all roles, supported by clear accountability and structured approaches to ensure cybersecurity becomes a shared commitment.
• Investing in training and awareness raising: By running comprehensive programmes, year-round campaigns, mandatory assessments and quarterly training for key personnel. These efforts ensure that employees stay informed and vigilant.
• Incentivizing secure behaviour: By recognizing and rewarding employees participating in security and cyber-safe actions, for example, through performance bonuses tied to cybersecurity protocols.

Read the case study on how Schneider Electric ties cybersecurity objectives to the performance of its internal performance management system.

Driving cyber resilience by design

Lighthouses are embedding secure-by-design principles into every layer of their operations to proactively mitigate risks and protect business continuity. Security is built into processes from the ground up by:

• Performing risk-based assessments of all IT/OT assets and prioritize controls: IT and OT networks are securely segmented by firewalls and centrally managed, with all assets tracked in dedicated systems to ensure robust control, visibility and oversight.
• Building a cyber-resilient architecture by enforcing strict end-to-end policies: A cyber-resilient architecture is achieved through intelligent firewalls, precise network segmentation and centralized device management, which securely isolate networks and minimize lateral threat risks.
• Maintaining comprehensive cyber incident response plans, with dedicated protocols tailored to OT environments: Regular patching, system isolation and containment strategies help prevent threats from spreading. This proactive, layered approach enables rapid recovery and minimal operational disruption, ensuring resilience even under pressure.

Read the case study on how German multinational Siemens has integrated cybersecurity into its product design and manufacturing engineering to create a cyber-resilient environment, both within its operations and across its customers’ industrial facilities.

Have you read?

• Building a Culture of Cyber Resilience in Manufacturing

Engaging and managing ecosystems

Lighthouses are taking a thorough approach to managing cyber resilience across their entire supply chain ecosystem by:

• Embedding cybersecurity into every interaction throughout the supply chain: Establish rigorous third-party risk management and clear cybersecurity expectations across strategy, organization and operations, including thorough risk assessment, prioritized mitigation and best practice alignment through expert testing and supplier guidance.
• Enforcing stringent controls: Remote access is tightly restricted and sensitive systems are limited to authorized personnel, with continuous monitoring and updates to minimize exposure and proactively address evolving cyber risks.
• Repeating with discipline: Lighthouses ensure supply chain resilience through continuous risk assessment, active monitoring and regular security audits, maintaining accountability and compliance with top-tier certification standards to stay prepared for emerging threats.

Read the case study on how Volkswagen Group conducts cybersecurity assessments in plants worldwide to evaluate the level of security practices. The results help drive ongoing improvements and are shared with top leaders in IT and production.

Impact of Lighthouses on manufacturing

Lighthouse manufacturing sites are redefining what it means to be cyber resilient in today’s industrial landscape. By embedding cybersecurity into every layer of their operations and supply chains, they are not only protecting their enterprises but also setting a powerful precedent for the entire manufacturing sector.

The findings from their journeys reveal clear trends and actionable insights, showcasing how leading manufacturers are fostering a culture of cyber resilience, designing robust frameworks and collaborating across ecosystems to strengthen resilience.

These strategies – rooted in practical capabilities and forward-thinking practices – are shaping a future where cyber resilience is embedded in the fabric of industrial operations. By setting new standards of excellence, these industry leaders are charting a path toward secure, sustainable and innovation-driven manufacturing on a global scale.

Their commitment to cyber resilience strengthens competitive advantage and serves as a powerful engine for sustainable growth, transformative innovation and enduring success across the entire manufacturing ecosystem.

Have you read?

• Why cyber resilience should be a top priority for freight forwarders
• 5 ways to achieve effective cyber resilience
• How advanced manufacturing can improve supply chain resilience and cybersecurity