Index Insider: Cybersecurity Lags in Smart Manufacturing

Hello. This is Alex Bakker standing in for Stanton Jones with your weekly briefing on what’s important IT and business services.
If someone forwarded you this briefing, sign up here to get the Index Insider every Friday.


Cybersecurity is a hot-button issue for any company undergoing IT transformation. Nowhere is this truer than in the major transformations occurring in the world’s largest manufacturers. It’s in the process of adopting smart manufacturing practices – which is to say leveraging technology to measure, monitor and improve product design, manufacturing processes and supply chains – that these companies are running into real cybersecurity challenges. Transitioning from legacy manufacturing to smart manufacturing involves a great deal of IT infrastructure and software to connect systems to the network or internet that have not previously been connected. This includes everything from the programmable logic controllers (PLCs) running assembly lines to the controls on individual machines.
The promise of this transition for manufacturers includes cost savings, efficiency and better performance in the manufacturing process, but the risks are real. Very few of the legacy operating technology (OT) systems were built with a security-first mindset. Instead, they use physical device access as the first line of defense. Once these systems are connected to a company’s IT network, the cybersecurity surface grows – and the job of managing that surface expands outside of IT.
In our recent survey of smart manufacturing adoption, we found that IT is often not the sponsor of smart manufacturing initiatives. The four most-common sponsors for smart manufacturing are executives overseeing supply chain, production and product engineering and then the CTO. The CIO ranks fifth. This means smart manufacturing initiatives are being led by the business, not IT.
When we asked about adoption of cybersecurity solutions, we found that IT systems are being more aggressively protected – or at least invested in – with cybersecurity solutions than the manufacturing systems themselves (see Data Watch).
Like so many digital transformations over the last few years, the business is leading the way. But it is critical that IT remain heavily involved to manage the cybersecurity implications of new business models and technologies.


Chart showing what is your organization's level of adoption of the following cybersecurity solutions


  • DXC Technology, Lloyd's and IUA extend contract to support transformation of London insurance market (link).
  • LevelField Financial selects IBM Cloud Hyper Protect Services to support its METACO adoption (link).
  • VELUX selects HCL for end-to-end IT services transformation (link).


  • Broadcom announces plans to buy VMWare (link).

About the author

Alex Bakker

Alex Bakker

Alex leads the Primary Research Team where he focuses on study design, panel research, and interview based research for ISG. In addition to leading the Primary Research practice at ISG, Alex also serves as the lead analyst on provider pursuit effectiveness, and helps IT service providers understand how they can improve performance in the competitive process. 
LinkedIn Profile