Privacy-First Mobile Security: How to Protect Data the Right Way
How to implement a privacy-first mobile security strategy for your organization.
Late last year, a cyberattack on Jaguar Land Rover cost the company roughly £1.9 billion ($2.5 billion), making it the most economically damaging cyber event in UK history. Production was halted for five weeks, and more than 5,000 businesses across Jaguar’s global supply chain were affected. The company claimed a full recovery wouldn’t likely occur until early 2026. In the weeks following the attack, UK car production fell by 27%, and the number of cars produced was the lowest of any September since 1952.
For manufacturers, this was more than a cyber incident — it was a wake-up call to step up their security to avoid a costly shutdown.
Chicago is home to a number of major players in the manufacturing industry, including Boeing, Caterpillar, Abbott Laboratories, and Illinois Tool Works — all of which could fall prey to attacks like the one that hit Jaguar. So, if security hasn’t been a priority for Chicago-area manufacturers, now is the time to secure environments before they become the next target.
According to IBM’s X-Force Threat Intelligence Index 2026, manufacturing was named the most targeted industry for cyberattacks for the fifth year in a row, representing 27.7% of all incidents. And these attacks are on the rise. The average manufacturer faces 1,585 attempted attacks per week, with overall attacks increasing 30% year over year. Some segments of the industry are seeing even greater momentum, with the automotive manufacturing industry experiencing a 722% increase in cyberattacks from 2024 to 2025.
Breaches in the manufacturing industry are also more costly, averaging $5.56 million. Costs range from ransomware payouts to remediation and recovery costs to lost business due to downtime. Automotive manufacturers, for instance, lose $22,000 per minute when the production line stops, and unplanned downtime costs industrial manufacturers $50 billion a year.
These numbers are only expected to grow as AI increases the pace at which bad actors can launch attacks. Unfortunately for Chicago manufacturers, they’re likely to remain an enticing target, and here’s why.
Many manufacturers focus their efforts on securing operational technology, including industrial control systems, SCADA devices, and production equipment. While those systems must be protected, the biggest risk actually lies elsewhere.
A report from Telstra and Omdia found that 75% of attacks on manufacturing firms originated in IT — not OT — systems. Attackers don’t need to hack industrial control systems. They can breach regular business systems like corporate networks, email, and business applications, and then cripple operations from there.
The Jaguar attack began when bad actors used social engineering techniques, phishing and vishing attacks, and stole credentials to log into Jaguar’s IT systems via a third-party vendor. Boeing experienced a similar attack that impacted its parts and distribution business when a ransomware gang attacked its IT systems and disrupted its entire supply chain. Meanwhile, Check Point Research has been monitoring a sophisticated social engineering campaign targeting manufacturing companies through ‘Contact Us’ forms.
To protect the IT systems that ultimately control or connect to OT systems, here’s where manufacturers need to focus when assessing their security posture.
Manufacturing facilities have a significant number of endpoints a hacker can exploit to get in. And, while IoT devices and OT tend to be top of mind, it’s just as easy — if not easier — for a bad actor to get in via a laptop or mobile phone connected to an organization’s network. Not only can these devices be easily swiped, but they are often connected to networks remotely via unsecured WiFi networks. Meanwhile, if systems are misconfigured or software isn’t regularly patched, endpoints serve as open doors for bad actors to walk through.
Unfortunately, securing endpoints isn’t enough to stop a bad actor from entering an environment. Too often, bad actors rely on human vulnerability to gain authorized access to office systems. According to CISA, more than 90% of successful cyberattacks start with a phishing email. Thanks to AI, these attacks are becoming more frequent and more convincing. With smishing, vishing, and sophisticated business email compromise campaigns at play, back-office teams are having trouble staying on top of the latest scams and stopping employees from handing over credentials to the vital systems that keep production lines moving.
If bad actors are getting in via social engineering and endpoint attacks, they are securing their foothold with credential theft. In the first half of 2025, identity-based attacks rose 32%, and 72% of breaches involved the exploitation of privileged credentials. Bad actors deploy social engineering attacks, including phishing, vishing, or deepfake videos, or brute force attacks to gain employee credentials to IT systems. They can then move laterally and hack into OT systems or lock up IT systems and hold them for ransom.
In short, attackers don’t need to hack a programmable logic controller when they can easily send a convincing phishing email that gets an office worker to click on a malicious link that deploys ransomware. From there, bad actors can steal engineering drawings with proprietary information. They can even shut down inventory, logistics, or financial systems.
Chicago-area manufacturers need comprehensive IT security that protects endpoints and networks, monitors for suspicious activity, and establishes appropriate access controls to keep bad actors from entering IT systems and pivoting to production systems and equipment. These security programs should start with the basics, including:
Companies must establish access and identity requirements. This should include a combination of security tools, policies, and training to ensure employees understand how to protect against unauthorized access to company systems. Identity management includes:
Most people use personal and work email daily, regardless of role and industry. Because phishing emails are responsible for 90% of successful cyberattacks, protecting email and all endpoints is a must for manufacturers. In addition to security training and establishing protocols that ban or limit USB and removable media, companies should invest in security software that includes:
SecurityScorecard’s 2025 report found that more than 70% of organizations admitted to experiencing at least one material third-party cybersecurity incident in the past year. Given the extensive complexity of manufacturing supply chains, companies must:
According to IBM’s 2025 Cost of a Data Breach Report, it took organizations an average of 241 days to identify and contain a breach, and the cost of a breach rose significantly the longer it took a company to respond and recover. While the hope is that bad actors can’t find their way into a system, threat detection and response plans are an essential part of every security program and should include:
While these four areas cover the basics, they are by no means an exhaustive list. Cyber resiliency requires a thorough strategy, a deep security tech stack, employee training, policies that are woven into every part of the business, 24/7 monitoring and response services, and a commitment to security from everyone in the organization. It isn’t a checklist to work through and then forget — it requires constant attention and should evolve with the organization and the threat landscape. Otherwise, manufacturers leave themselves vulnerable to an attack.
Few manufacturers have the in-house resources to develop a truly resilient cyber security program. IT teams are set up to manage ERP systems, business applications, network infrastructures, and run a help desk for employees. They are not equipped to provide 24/7 advanced threat monitoring and detection, continuous authentication and authorization processes, and supply chain security protocols. Security simply requires a specialized skillset that differs from that of an IT team.
Attackers also know to strike when teams are out of office, so most cyberattacks happen at 2 a.m. — not 2 p.m. Modern manufacturers need a 24/7 security operations center (SOC), which can cost $1.5 million per year after an initial investment of $1 million to $2 million. These are funds many manufacturers aren’t willing to invest.
Even those who do have funds allocated for security may have trouble finding talent. The skills needed to navigate an increasingly advanced and vast threat landscape are growing, and the demands on security teams are increasing, making talent harder to find. According to a 2024 ISC2 report, the global security talent shortage continues to be a problem, with a workforce gap of 4.8 million.
Due to the lack of skilled security professionals and massive budgets, many manufacturers are outsourcing their security efforts to MDRs.
Managed Detection and Response (MDR) offers fully managed cybersecurity services, including 24/7 detection, response, and remediation at a significantly lower cost than building an in-house team. The security professionals working at MDRs have intimate knowledge of the latest cyber threats because they are defending against them every day.
These security centers are operating with the latest, most advanced software and technology to ensure any anomaly in a client’s environment is flagged and thoroughly investigated. Monitoring and detection systems run 24/7, so manufacturers are protected during and outside of business hours. Unlike traditional MSSPs that simply alert clients when a breach is detected, MDRs handle response and recovery efforts, swiftly eliminating hackers to limit the damage should a breach occur.
Wondering if an MDR is right for you? Complete our self-assessment below. If you answer “no” to any question, your organization has critical security gaps, and an MDR might be the right fit.
With 75% of manufacturing breaches originating in IT systems, securing your corporate network and endpoints is a necessity. It could prevent a costly breach — $5.56 million on average — and keep your production line running. When looking for an MDR partner to run your security efforts, ensure they offer:
SolCyber specializes in protecting manufacturers through comprehensive MDR++ coverage. We protect all endpoints, including laptops, workstations, and servers, and offer:
Our team resolves more than 95% of incidents without ever involving your team at a third of the cost of building an in-house SOC. We also partner with leading insurers to ensure you get a discount on cyber insurance because they know, with us, you’re protected.
If you’re ready to take action and secure your manufacturing environment from a cyberattack, contact the experts at SolCyber to schedule your security assessment, review your cyber insurance requirements, and stand up a security program in 30 days.
Photo by Ricky Beron on Unsplash
How to implement a privacy-first mobile security strategy for your organization.
In today’s economic climate, most managers are faced with the challenge of doing more with their existing tools or holding back on acquiring new ones due to tight budgets following the pandemic. Additionally, the current soaring inflation rate, which we haven’t seen since the early 1980s, has made companies hold on to their cash and tighten their purse strings. The recent SVB collapse and Credit Suisse’s plummeting share price have further fueled fears of a recession. Under such circumstances, managers […]
Why “Code Red”? What is “Salt Typhoon”? Does it matter?
By subscribing you agree to our Privacy Policy and provide consent to receive updates from our company.
