Article by Andrew Mamonitis, Vice President – APAC, Manufacturing Division, ECI Software Solutions
Now is the time to strengthen your defences against bad actors seeking to disrupt and defraud.
Worried your manufacturing business is a sitting duck for cyber-criminals? In today’s times, it’s a thoroughly reasonable concern.
The threat posed by bad actors is real and rising, and small and medium-sized businesses of all stripes are squarely in their sights.
The Australian Signals Directorate, Australia’s peak cyber protection agency, has sounded the alarm. Its Annual Cyber Threat Report for 2024-25 highlights the persistent threat of malicious cyber activity and adjures local enterprises to strengthen their defences.
Attacks on the rise
The ASD responded to more than 1200 cyber incidents in FY2025; an 11% increase in activity, compared with the previous year. More than 84,000 cybercrime reports were lodged during the period, and more than 42,000 calls were answered by the Australian Cyber Security Hotline.
Meanwhile, the average self-reported cost of cybercrime has skyrocketed. For businesses, it’s risen by 50%, per report, in the space of just 12 months.
Small businesses are now having to spend an average of $56,600 responding to and recovering from an incident, while for medium-sized businesses that figure rises to $97,200. That’s not a sum many SME manufacturers have at the ready, and raising it at no notice can put finances under significant strain.
At the same time, company directors are now personally and legally responsible for potential data breaches with stringent and regulatory consequences, in addition to potential reputational damage, if found to be negligent. Key legislation to be mindful of include passage into law of the Cyber Security Act 2024 which raises the bar on cyber governance and states that all companies are encouraged to implement robust security measures and directors on company boards reporting over $3m in turnover are expected to report on cyber extortion payments within 72 hours.
Being held to ransom
Ransomware is chief among the threats faced by this cohort. It’s also the most disruptive, according to the ASD, which writes in its report:
‘…, high impact malware that can cripple an organisation’s ability to function. Ransomware causes serious operational, financial and reputational consequences for victims.’
Halting production, for even a few hours or days, can make it impossible for a manufacturer to deliver orders on time. This can have a detrimental effect on client relationships, potentially leading to the loss of contracts in a worst-case scenario.
For the cyber-criminals that instigate it, meanwhile, ransomware provides ‘lucrative opportunities to extort substantial ransoms from vulnerable Australian organisations’, the Report points out.
Supply chains are a particular point of weakness for manufacturers, and cyber-criminals have begun ruthlessly exploiting them. In today’s hyper-connected times, compromise of a supplier’s systems can all too easily see its entire customer network infected too. Lack of visibility into the security practices of suppliers can make this risk a difficult one for manufacturers to assess.
Addressing a dangerous problem with limited resources
While deep-pocketed multinational manufacturers can afford to invest heavily in cyber security solutions and services to mitigate these risks, their smaller counterparts are typically not so well resourced.
Many are not in a position to devote extensive budgets and bodies to the issue. It’s not uncommon for effective cyber-hygiene practices, such as employee awareness training and maintaining a regular back-up program, to fall by the wayside or be attended to only sporadically.
Unfortunately, that lack of rigour makes this cohort a prime target for bad actors seeking an easy entry.
Operating safely in the cloud
Switching from legacy, on-premises programs and platforms to a cloud-based enterprise resource planning solution is a straightforward way for SME manufacturers to improve their security posture, in the back office and on the shop floor.
It makes sense to partner with a vendor that has a stellar track record in the manufacturing industry and one which understands the unique requirements and potential vulnerabilities of businesses operating in this space.
Ideally, they’ll incorporate a range of measures into their ERP platform to keep your corporate and customer data secure and private from go live onwards – think firewall-protected servers, multi-factor authentication, and latest-generation encryption technology.
You should also be relieved of the burden of making continuous back-ups. Premium vendors will ensure these are carried out hourly, making it easy for your enterprise to get back up to speed after a ransomware attack or other engineered outage.
Securing your manufacturing business’ future in 2026 and beyond
Cyber-attacks have never been more frequent, nor more expensive, than they are today. Adopting a cloud based ERP platform is an effective means of mitigating the risk of your manufacturing enterprise falling victim to bad actors bent on causing disruption – and the damage, should the worst occur. If safeguarding your operations and data is a priority in 2026, it’s essential technology that should sit at the heart of your ICT stack.
