In today’s hyper-connected world, the manufacturing sector in India is undergoing a digital transformation. From smart factories to IoT-enabled supply chains, technology is revolutionizing how products are designed, produced, and delivered. However, with this digital evolution comes a growing threat: cyberattacks. For CEOs and Managing Directors (MDs in the manufacturing sector, cybersecurity is no longer just an IT issue—it’s a strategic business imperative.

The time has come for a fundamental mindset shift. Cybersecurity must be viewed as a critical enabler of business continuity, innovation, and growth, rather than a cost centre or an afterthought. Here’s why and how leaders in India’s manufacturing sector must lead this change.

Why Cybersecurity Demands Leadership Attention

1. Rising Cyber Threats in Manufacturing
The manufacturing sector is increasingly becoming a target for cybercriminals. According to IBM’s X-Force Threat Intelligence Index 2023, manufacturing surpassed finance and insurance as the most attacked industry in 2022, accounting for nearly 23% of all cyberattacks globally. In India, where the manufacturing sector contributes over 17% to the GDP, the stakes are even higher. A single breach can disrupt production, compromise intellectual property, and damage customer trust.

For instance, a recent report by Deloitte revealed that 48% of manufacturers experienced a cyber incident in the past year, with ransomware being the most common attack vector. The average cost of a ransomware attack in manufacturing is estimated at $4.47 million, including downtime, lost revenue, and recovery costs.

Source: IBM X-Force Threat Intelligence Index 2023, Deloitte 2022 Report

2. Operational Technology (OT) Vulnerabilities
Modern manufacturing relies heavily on Operational Technology (OT) —machinery, sensors, and control systems that are often connected to the internet. Many of these systems were not designed with cybersecurity in mind, making them easy targets for attackers. A breach in OT can lead to physical damage, safety risks, and costly downtime.

According to a report by Fortinet, 56% of manufacturing organizations experienced OT system intrusions in 2022, with 67% of these incidents resulting in operational downtime. In India, where the adoption of Industry 4.0 technologies is accelerating, securing OT systems is critical to maintaining productivity and safety.

Source: Fortinet 2022 Report

3. Regulatory and Compliance Pressures
With the introduction of data protection laws like India’s Digital Personal Data Protection Act (DPDPA) and global standards such as GDPR, manufacturers must ensure compliance or face hefty penalties. Cybersecurity is no longer optional—it’s a legal and regulatory requirement.

A PwC India report highlights that 76% of Indian organizations are increasing their cybersecurity budgets in 2023, driven by regulatory requirements and the need to protect sensitive data. Non-compliance can result in fines of up to ₹250 crore (approx. $30 million) under the DPDPA, making cybersecurity a financial imperative.

Reputation and Customer Trust
A cyber incident can tarnish a company’s reputation overnight. In an era where customers and partners demand transparency and security, a breach can lead to lost business and eroded trust.

For example, a 2023 survey by KPMG found that 83% of consumers would stop doing business with a company that experienced a data breach. In the manufacturing sector, where long-term contracts and partnerships are common, maintaining trust is critical to sustaining growth.

Source: KPMG 2023 Survey

The Cybersecurity Mindset Shift: What Leaders Must Do

1. Treat Cybersecurity as a Boardroom Priority
Cybersecurity should be a regular agenda item in board meetings. Leaders must ensure that the organization has a robust cybersecurity strategy aligned with business goals. This includes setting clear objectives, allocating resources, and measuring progress.

According to Gartner, 40% of boards now have a dedicated cybersecurity committee, up from just 10% in 2017. This trend underscores the growing recognition of cybersecurity as a strategic priority.

Source: Gartner 2023 Report

2. Invest in People, Processes, and Technology
Cybersecurity is not just about buying the latest tools. It requires a holistic approach:

• People: Train employees at all levels to recognize and respond to cyber threats. Foster a culture of cybersecurity awareness.
• Processes: Implement strong governance frameworks, incident response plans, and regular risk assessments.
• Technology: Deploy advanced solutions like endpoint detection, firewalls, and encryption to protect critical assets.

A study by Accenture found that 68% of business leaders feel their cybersecurity risks are increasing, yet only 5% of organizations have fully integrated cybersecurity into their business strategies. Closing this gap requires a concerted effort from leadership.

Source: Accenture 2023 Study

3. Adopt a Risk-Based Approach
Not all assets are equally critical. Leaders must work with their teams to identify and prioritize the protection of high-value assets, such as intellectual property, customer data, and OT systems. A risk-based approach ensures that resources are allocated effectively.

The World Economic Forum’s Global Cybersecurity Outlook 2023 highlights that 91% of executives believe a cyber resilience strategy is essential for business success, yet only 54% have a formal plan in place.

Source: World Economic Forum 2023 Report

4. Collaborate and Share Knowledge
Cybersecurity is a shared responsibility. Leaders should collaborate with industry peers, government agencies, and cybersecurity experts to stay ahead of emerging threats. Sharing best practices and threat intelligence can strengthen the sector’s collective defense.

Initiatives like the Data Security Council of India (DSCI) and CERT-In provide valuable resources and frameworks for organizations to enhance their cybersecurity posture.

5. Prepare for the Inevitable
No organization is immune to cyberattacks. Leaders must ensure that their companies are prepared to respond swiftly and effectively when an incident occurs. This includes having a well-defined incident response plan, conducting regular drills, and ensuring business continuity.

According to the IBM Cost of a Data Breach Report 2023, organizations with an incident response team and tested plan saved $2.66 million on average compared to those without.

Source: IBM Cost of a Data Breach Report 2023

The Role of Leadership in Driving Change

As a CEO or MD, your role is pivotal in driving the cybersecurity mindset shift. Here’s how you can lead by example:

• Champion Cybersecurity from the Top: Demonstrate your commitment by prioritizing cybersecurity in strategic decisions and communications.
• Empower Your CISO: Ensure your Chief Information Security Officer (CISO) has a seat at the table and the resources needed to succeed.
• Stay Informed: Educate yourself about the latest cyber threats and trends. Cybersecurity is a rapidly evolving field, and staying informed is key to making informed decisions.
• Communicate the Importance: Use your influence to communicate the importance of cybersecurity to employees, partners, and stakeholders.

The Bottom Line: Cybersecurity as a Competitive Advantage

In the manufacturing sector, where margins are often tight and competition is fierce, cybersecurity can be a differentiator. Companies that prioritize cybersecurity can build trust with customers, protect their intellectual property, and ensure uninterrupted operations. By embracing a cybersecurity mindset, leaders can future-proof their organizations and drive sustainable growth.

The digital age demands a new way of thinking. For CEOs and MDs in India’s manufacturing sector, the question is no longer if you should invest in cybersecurity, but how quickly you can make it a core part of your business strategy. The time to act is now.

Call to Action:
Start today by assessing your organization’s cybersecurity posture. Engage with experts, invest in training, and build a culture of security. Remember, in the fight against cyber threats, leadership is the ultimate defence. Let’s secure the future of India’s manufacturing sector—one step at a time.

About the Author

Gopi Shukla
Security Consultant, 7 Dot 2 IT Consulting

Gopi Shukla is a seasoned cybersecurity professional with over 29 years of experience in helping organizations build robust security frameworks. As a consultant at 7 Dot 2 IT Consulting, Gopi specializes in risk management, incident response, and cybersecurity strategy for the manufacturing sector. With a deep understanding of the unique challenges faced by Indian manufacturers, Gopi is passionate about empowering leaders to embrace cybersecurity as a strategic enabler of growth.

Connect with Gopi on LinkedIn or email at [email protected]

Sources

1. IBM X-Force Threat Intelligence Index 2023

2. Deloitte 2022 Report on Manufacturing Cyber Incidents

3. Fortinet 2022 Report on OT System Intrusions

4. PwC India 2023 Report on Cybersecurity Budget Trends

5. KPMG 2023 Survey on Consumer Trust and Data Breaches

6. Gartner 2023 Report on Boardroom Cybersecurity Trends

7. Accenture 2023 Study on Cybersecurity Integration

8. World Economic Forum Global Cybersecurity Outlook 2023

9. IBM Cost of a Data Breach Report 2023