How manufacturers can build cyber resilience across their supply chains
Cyber Resilience | Article | April 21, 2026
Why supply chain cyber risk has become a business‑critical issue
Manufacturers have been the most targeted sector for cyberattacks for five consecutive years, accounting for 27.7% of all documented cyber incidents globally in 2025. At the same time, reliance on digitally connected suppliers, service providers and technology partners continues to grow.
This combination has materially changed the risk profile for manufacturers. Cyber incidents are no longer confined to data loss or isolated systems. A disruption at a single supplier can quickly cascade across production networks, affecting operations at scale.
This has been demonstrated repeatedly in recent years. In 2022, a ransomware attack on a single component supplier forced Toyota to shut down production across multiple plants. More recently, a cyber incident affecting Jaguar Land Rover led to production pauses and disruption across its supplier network. Together, these examples illustrate how cyber events at one point in the supply chain can rapidly cascade into widespread operational impact across manufacturing ecosystems.
As a result, cyber risk in the supply chain has moved from a technical concern to a core operational risk that requires senior ownership and structured management.
From data breaches to plant shutdowns: how the threat has evolved
Two developments in particular have reshaped cyber risk for manufacturing supply chains.
First, digital supply chain interdependence has increased. Many suppliers now require access to systems that support production, maintenance or logistics. This means a security weakness within a supplier’s environment can travel upstream with speed and scale.
Second, the convergence of IT and operational technology (OT) has created pathways from digital intrusion to physical disruption. According to industry reporting, 75% of cyber incidents affecting manufacturers now involve both IT and OT environments. When attacks cross that threshold, consequences extend well beyond data loss.
Cyber resilience, therefore, cannot be managed in isolation from operational resilience.
Operational Technology: a growing exposure
OT environments have become an increasingly attractive target. Unlike traditional IT systems, OT disruptions can stop production, extend downtime, and in some cases affect safety‑critical processes.
Manufacturing organisations estimate average downtime costs of around $17,000 per minute when operations are disrupted by a cyber incident. Recovery timelines can quickly stretch from hours into days or weeks, particularly where legacy systems, limited segmentation or unmanaged supplier access are involved.
“Attackers are no longer satisfied with locking data, they want to stop the machines. Manufacturers that treat cybersecurity as a purely digital issue risk leaving their physical operations exposed.”
Vivien Bilquez, Global Head of Cyber Resilience, Zurich Resilience Solutions
Cyber security agencies have also highlighted increasing attention on industrial control systems from sophisticated threat actors, reinforcing the importance for manufacturers of protecting OT environments as part of a wider cyber strategy.
Artificial intelligence and the future cyber landscape
Advances in artificial intelligence are accelerating changes in the cyber threat environment. Highly capable AI models are already demonstrating an ability to identify software vulnerabilities at scale, including within complex and ageing systems.
For manufacturers, this creates a dual dynamic. On the one hand, AI‑enabled tools can support earlier identification of vulnerabilities across supplier networks and legacy OT environments. On the other, similar capabilities may be adopted by attackers, increasing the speed and scale at which supply chain weaknesses can be exploited.
The implication is not that AI introduces an entirely new category of risk, but that existing weaknesses, such as unpatched systems, weak access controls or poorly segmented networks, are likely to become easier to target over time.
Business interruption: translating cyber disruption into financial impact
From a business interruption (BI) point of view, this is really about understanding what happens when things go wrong, not just preventing them. A lot of traditional BI cover is still built around physical damage, but cyber events (especially through suppliers) don’t always fit neatly into that, even though the impact on turnover can be just as significant.
Looking at BI alongside cyber resilience helps put some numbers around the risk. It forces a closer look at key dependencies, how long recovery would realistically take, and whether indemnity periods and declared values actually reflect that. It also highlights how quickly disruption can spread across a supply chain, which is often where the biggest exposure sits.
In simple terms, it's not just about stopping incidents, it's also about being financially and operationally prepared for them if they do happen.
Managing supply chain cyber risk: a structured approach
Despite growing exposure, many organisations still lack preparedness. While around 80% of manufacturers report a significant increase in cyber incidents, fewer than half believe their defences have kept pace.
Closing that gap requires a structured, proportionate approach:
- Identify what needs protecting
Understand which systems, data and operational processes are critical, and where third party dependencies create exposure.
- Apply risk‑based supplier standards
Minimum security requirements should reflect the level of access and potential operational impact each supplier has and be embedded in contractual arrangements.
- Strengthen IT–OT resilience
Review how environments connect, implement appropriate segmentation and access controls, and ensure incident response plans are tested in practice.
- Monitor over time
Supplier cyber posture can change quickly. Ongoing oversight helps identify emerging risks rather than relying solely on onboarding assessments.
How Zurich Resilience Solutions can support manufacturers
Zurich Resilience Solutions works with manufacturers to assess and manage cyber and supply chain risks as part of a broader operational resilience strategy. Using the Zurich Risk Management Framework, our specialists help organisations understand exposure across cyber, OT and third‑party risk, and translate technical findings into prioritised, practical actions.
Cyber risk in the supply chain is not new, but it is increasing in scale, speed and complexity. Organisations that manage it effectively apply the same discipline, accountability and continuous improvement expected of any other business‑critical risk.
Come and talk to us at SMART Manufacturing Week, 3-4 June, at Birmingham NEC. Find us on stand E120.
Frequently asked questions
Liability can arise for both suppliers and manufacturers, depending on regulatory obligations and contractual arrangements. Organisations are expected to exercise due diligence when selecting and overseeing third parties with access to systems or data.
Standards should be proportionate to the risk posed. At a baseline, this typically includes access controls, patching and update processes, incident reporting obligations and alignment with recognised cyber security frameworks.
