1. The evolution of industrial systems: more connected and more exposed

Industrial information systems, formerly isolated in controlled and protected environments, are now increasingly interconnected with so-called “classical” information systems.

The rise of technologies such as the Internet of Things, artificial intelligence and the virtualization of industrial environments promote the integration of machines, equipment and processes within the same network.

This convergence exposes these systems to increasingly sophisticated cyber threats, making their security essential.

‍

2. The main cyber threats for industrial information systems in 2025

2.1 Motivations and impacts

Cyberattacks targeting industrial information systems can take several forms: sabotaging production processes, ransomware attacks or even intrusions into industrial systems.

These cyberattacks not only affect sensitive business data, but can also impact their production by causing equipment failures or business shutdowns.

In addition, the potential for intellectual property theft and the damage to an organization's reputation can have serious economic consequences for the company.

‍

2.2 Main cyber threats to fear in 2025 for manufacturers

• Ransomwares: Ransomware will continue to target industrial systems. They will aim to take production processes, access to industrial systems, and critical data hostage in exchange for ransom.
• Attacks by connected objects: With the rise of IoT devices in factories, these objects will become preferred entry points for cybercriminals.
• Intrusions into control systems: Cybercriminals will seek to manipulate or disrupt critical industrial control systems. These include SCADA (Supervision Control and Data Acquisition) or PLC (Programmable Logic Controller) systems.
• Supply chain attacks: Cyberattacks via suppliers, subcontractors or other partners will be more and more common. By rebounding, they will expose industrial systems to increased risks.
• Malicious use of AI: AI will be used by cybercriminals to make attacks more sophisticated and automated.
• Phishing and social engineering: Cybercriminals will continue to target employees through phishing and social engineering techniques. Their aim will be to obtain sensitive information and/or to access the systems.
• Industrial cloud attacks: Industrial cloud services will be increasingly targeted. These attacks will aim to disrupt production processes and steal data from cloud environments.
• Malware targeting industrial equipment: The malware will be specifically designed to attack industrial equipment. This will cause hardware failures, malfunctions or even production stoppages.

3. What are manufacturers and their managers doing to secure themselves in 2025?

Faced with the increase in cyber threats, industrial players and managers are increasingly aware of the need to strengthen the cybersecurity of their critical infrastructures, as evidenced by: This article from the Transitions Review.

Today, industrial cybersecurity is no longer limited to a simple technical question, but is becoming a strategic priority for the sustainability of businesses. Numerous priorities and trends then appear in 2025.

3.1 Industrial cybersecurity trends in 2025

• Integration of industrial IT security into a global cybersecurity governance: Industrial players are now integrating industrial systems into a holistic approach to cybersecurity, which includes traditional and industrial information systems.
• Risk Management and Resilience: Executives are implementing cybersecurity risk management strategies. These strategies incorporate continuous threat analysis and the ability to respond quickly to incidents. Moreover, resilience is becoming a priority as businesses seek to maintain business in the event of an attack. To do this, manufacturers implement and test business continuity and recovery plans (PCA and PRA).
• Implementation of advanced detection solutions: The implementation of intrusion detection systems (IDS) and real-time surveillance is becoming a major area of protection for professionals in the sector. Artificial intelligence and machine learning are used to anticipate attacks and detect anomalous behaviors. This allows cybersecurity teams to take action even before the attack occurs.
• Adoption of cybersecurity standards and certifications: Manufacturers are actively seeking cybersecurity certifications, such as ISO 27001 or the IEC 62443 standard. The objective is to comply with regulations and to reassure business partners about the level of protection of data and critical infrastructures.
• Automation: Businesses are increasingly turning to automating cybersecurity processes, including vulnerability management, system updates, and patching. This ensures a rapid and consistent response to evolving threats without the need for constant human intervention.
• Industrial IoT system security: With the exponential growth of connected objects in industrial environments, securing the IoT is becoming a priority. Businesses are implementing specific security protocols to protect these vulnerable devices. Thus, IoT risk management is an integral part of the overall cybersecurity strategy of industry players.
• Securing wireless environments (Wi-Fi, 5G, IoT): The expansion of industrial networks with wireless technologies such as Wi-Fi, 5G, and soon 6G, presents specific cybersecurity challenges. Businesses need to ensure that wireless networks, especially those used in industrial IoT, are properly protected against intrusions. Encrypting communications, managing identities and access, and detecting anomalous behaviors in real time have become critical elements in securing these environments.

3.2 Current industrial safety practices

• Collaboration with external experts: More and more industrial companies are collaborating with cybersecurity consulting firms. This allows them to get audited and get advice on the best security practices and solutions on the market. Leaders understand that external expertise is essential to anticipate threats and stay at the forefront of security.
• Team training and awareness: Since humans are often the gateway to attacks, an increasing part of the effort is directed towards employee training. Businesses are implementing awareness programs, ranging from cybersecurity training for industrial operators to creating clear procedures for responding to incidents. The culture of cybersecurity is being strengthened at all levels within organizations.
• Backup and restore: Industry players are implementing regular backup and recovery solutions. This ensures they can quickly recover their systems and critical data in the event of an incident. Backup and recovery strategies are tested regularly and implemented to minimize downtime.
• Setting up industrial DMZs: To strengthen the security of industrial networks, many organizations are deploying demilitarized zones (DMZs). These DMZs allow critical systems to be separated from other parts of the network, thus reducing the risk of incident propagation. DMZs are also used to control and monitor incoming and outgoing traffic, limiting the impact of cyberattacks.

4. Increasingly significant investments in industrial cybersecurity

Investments in industrial cybersecurity are on the rise. According to a study by MarketsandMarkets, The global industrial cybersecurity market is expected to reach $135.11 billion by 2029, with an average annual growth rate of 9.8%.

Industrial companies are more and more willing to invest in:

• Protect their critical systems
• Reduce the risks of interruption of production,
• Prevent data theft and the compromise of their reputation.

Another study conducted this time by Xerfi reveals that For its part, the French industrial cybersecurity market is expected to grow by 10% per year by 2026. This trend is particularly marked among companies operating in sensitive sectors such as energy, automotive or even health.

As a result, businesses and managers are now focusing on industrial cybersecurity in an integrated and proactive manner. This evolution is part of a wider digital transformation process, where securing industrial processes is becoming a central pillar of the competitiveness and sustainability of businesses in an increasingly connected world.

‍

5. The regulatory framework: An essential requirement for industrial cybersecurity

5.1 Norms and regulations

In the current context, the cybersecurity of industrial information systems is not limited only to a technical approach by the company, but also to a regulatory one. Indeed, businesses must comply with a set of standards and regulations. These national and international standards and regulations are becoming more and more stringent. These requirements aim to:

• Guarantee the safety of critical infrastructures,
• Minimize the risks of cyberattacks that have a significant impact on society and the global economy.

In Europe, the NIS2 directive (Network and Information Security) imposes cybersecurity obligations on operators of essential services, including in the industrial sector. Businesses need to implement appropriate security measures, report cybersecurity incidents quickly, and prove their ability to manage risks.

There are also standards such as ISO 27001, which provides a framework for information security management, or the IEC 62443 standard specifically dedicated to the cybersecurity of industrial systems. These standards provide detailed guidelines for securing industrial equipment and operational environments.

These regulations and standards are not only legal requirements. They are also references that allow companies to:

• Strengthen their cybersecurity strategy,
• Demonstrate their commitment to ensuring a high level of protection for their stakeholders.

Therefore, complying with these standards and regulations is also a means of building trust with customers, partners and investors. Effective cyber risk management, supported by a proactive regulatory approach, ensures that the company has a certain resilience in the face of potential threats.

‍

5.2 Practical case: Example in the agri-food sector

As an example, and as explained in an article by Agro Media, a major company in the agri-food sector has made industrial cybersecurity a true priority. All its industrial facilities comply with the IEC 62443 standard, thus providing optimal protection against cyber threats.

By applying these strict standards, the company protects its critical infrastructures, maintains the confidentiality of its sensitive data and guarantees the integrity of its operations.

‍

6. The commitment of NSEs and consulting firms specialized in cybersecurity

Faced with the rise of cyber threats, digital services companies (DSBs) and cybersecurity leaders are taking impacting initiatives to meet the growing security needs of the industrial sector. The strategic importance of securing industrial systems is now widely recognized. Cybersecurity market players are in a strong position to offer solutions adapted to this new reality.

6.1 Strategic partnerships

Partnerships between cybersecurity companies and industrial technology providers are multiplying. A concrete example mentioned in the newsletter published by Vona Consulting in January 2025, is that of a partnership between a cybersecurity solutions provider and an industrial cybersecurity partner. Indeed, these entities offer cybersecurity services dedicated to industrial environments and critical infrastructures in France and Europe.

This collaboration integrates solutions developed by one of the partners and implemented in the managed SOC of the other. This thus ensures reinforced security coverage for industrial customers.

These alliances strengthen the ability of cybersecurity players to meet the specific security needs of industries. These strategic movements reflect the growing interest in industrial cybersecurity and the considerable investments in the protection of critical infrastructures.

‍

6.2 Massive investments

Cybersecurity players are constantly investing in research and development to anticipate future threats. They are developing ever more advanced solutions to integrate cutting-edge technologies such as AI and machine learning into the processes of detecting and responding to cyberattacks.

The industrial cybersecurity job market is also growing.

This dynamism in the field of industrial cybersecurity testifies to the urgency and the need for industrial companies to protect themselves in the face of increasingly present threats. More and more manufacturers, NSEs and cybersecurity leaders are actively involved in ensuring the security of industrial systems. This interest thus guarantees the sustainability and resilience of companies in the face of ever more threatening cyberattacks.

7. The cloud: a bet for industrial security

In the past, industrial companies were generally reluctant to connect their production facilities to the cloud. However, as shown This B2B cyber-security study, this trend is changing and is expected to accelerate in 2025.

More and more businesses are realizing that the public cloud can offer them competitive advantages and efficiency gains for a variety of services. As a result, they are increasingly adopting cloud-based solutions. IT has already shown the way with the generalization of SaaS, and as usual, OT follows a few years later. In addition, similar advantages are being felt, especially in terms of maintenance and optimization of resources.

That being said, there are bound to be sectors where cloud adoption will be difficult, if not impossible, due to regulatory and practical constraints. For all other industries, integrating the cloud securely is crucial. The use of security solutions delivered from the cloud is therefore essential.

‍

8. Data integrity and availability as a priority for industrial players

The integrity and availability of industrial data are the two major security pillars for industry professionals. The confidentiality of industrial data, in most cases, is not as critical as its integrity or availability may be. Indeed, industrial data is obviously important from an operational point of view. However, as a general rule, activities will not be strongly impacted if their confidentiality is breached.

For example, we may be interested in the case of an industrial company supervising a transport network. In this type of activity, there are systems that measure the distance between two vehicles that follow each other. Here, it can be said that the confidentiality of the distance is not a priority. It is not sensitive data that could be stolen or misused by malicious actors. Nor is it data that could be resold or interesting for the competition.

On the other hand, the availability of operational systems as well as the integrity of the data collected are essential for business continuity. If we go back to the example of the supervision of a transport network, it is better for the distance measured between two vehicles to be accurate and available in real time to ensure the fluidity of the network and therefore the continuity of activities. Real time and accuracy are therefore two essential metrics for industry professionals.

Of course, this does not mean that data confidentiality should be omitted. Nonetheless, it is important to keep in mind that in many cases, it makes more sense to pay closer attention to the availability and integrity of industrial data.

‍

9. More exposed industrial systems

In the context of industrial security, managing communication between conventional networks (IT) and industrial networks (OT) is becoming crucial. Traditionally, these two environments were separated by gateways or relay systems.

However, as mentioned in this article in Digital Solutions & Cybersecurity, more and more companies are choosing to establish direct Internet communication between the industrial network and the traditional network. This approach allows:

• To access data in real time,
• To facilitate remote maintenance
• To offer operators and maintenance teams an instant view of the condition of the equipment.

However, this direct interconnection exposes industrial systems to increased cybersecurity risks. The absence of traditional relays and gateways certainly allows for smooth and fast communication, but also makes systems more vulnerable to external attacks. It is therefore becoming imperative to put in place robust security measures to ensure the protection of industrial infrastructures in the face of these threats.

‍

10. A separation of tasks that is still too present

In 2025, the separation of tasks between traditional cybersecurity and industrial cybersecurity is still too pronounced despite increasing convergence.

This distinction creates a divide between teams responsible for the security of traditional IT systems and those who protect industrial infrastructures. In reality, this separation creates significant challenges. Indeed, security approaches and tools are sometimes incompatible between the two worlds. This therefore complicates risk management and increases the vulnerability of industrial systems.

Classic cybersecurity focuses on the protection of data, users, and digital infrastructures. On the other hand, industrial cybersecurity focuses on business continuity, physical equipment security, and risk management specific to operational environments. This dichotomy can lead to security gaps, especially when IT threats affect critical industrial equipment.

It is therefore becoming crucial to break this barrier and develop unified cybersecurity strategies, where IT and OT teams collaborate proactively. Such an integrated approach would thus allow:

• To anticipate risks as best as possible
• To strengthen the resilience of industrial infrastructures in the face of increasingly sophisticated cyberattacks.

However, it remains important to keep in mind that in the event of an attack, total convergence could endanger the traditional information system and, by rebound, the industrial system, as demonstrated by Silicon in its article on The risks of total convergence of OT.

‍

11. Finally: Vona's opinion

For Vona Consulting, industrial cybersecurity in 2025 obviously represents a major strategic challenge for companies in the industrial sector. Faced with increasingly sophisticated cyberattacks, it is becoming essential to put in place robust measures to guarantee the security of these companies and thus the continuity of global economic activity.

Threats are evolving rapidly, and simply managing risks is no longer enough. Businesses need to adopt modern, smart, and tailored solutions. These solutions must be able to detect, prevent, and respond to attacks instantly. They must also be able to anticipate future ones. It is also appropriate for manufacturers to think of a strategy for sufficient convergence of conventional and industrial systems. At the same time, strengthened governance based on international standards is essential to ensure the compliance of infrastructures and operations.

Industry players should note that industrial cybersecurity is not based solely on technology or regulation. It also requires a change in culture within organizations. The integration of employees as well as the support of managers must be key elements for an effective defense.

In addition, it is important to realize that industrial safety is not an expense, but an investment in the sustainability of organizations in the sector. It's not just about protecting data, but about ensuring system resilience, ensuring business continuity, and maintaining partner trust.

In short, for Vona Consulting, companies must not only invest in appropriate technologies, but also adopt an integrated, holistic and human approach to cybersecurity. Vona has recognized expertise in industrial cybersecurity, as evidenced by the entrenched positioning and robust security posture of its customers in the industry. Our increased experience and our strong skills in the field would be a major asset for any industrial company wishing to secure itself effectively and sustainably.

‍

Useful links:

• Cybersecurity: what priorities for manufacturers in 2025? - The Transitions Review
• Industrial Cybersecurity Market Size, Share, Industry Report 2032
• The cybersecurity market is expected to grow by 10% per year in France
• Nestlé: Industrial Cybersecurity - Agro Media
• 2025 trends: The industry is banking on the cloud - B2B cybersecurity
• EXPERT OPINION — IT/OT convergence: the start of a new technological era
• Cyber OT: raising awareness in the industrial sector - Cybersecurity - Silicon.fr

‍

‍