LevelBlue (formerly AT&T Cybersecurity) recently unveiled its 2025 Spotlight Report: Cyber Resilience and Business Impact in Manufacturing. A full recap of the report's findings can be found here.
It offers a great deal of insight on critical issues ranging from AI to Social Engineering, but also raised a number of burning questions. To help address some of these ongoing concerns, I recently sat down with Kory Daniels, Chief Security & Trust Officer at LevelBlue.
Jeff Reinke, Security Breach: What findings in the report do you feel are the most surprising or concerning?
Kory Daniels, LevelBlue: One of the most concerning findings is that over half (54 percent) of organizations have low visibility into the software supply chain. This is alarming because a security team can not defend what they can not see, enabling criminals to live in the shadows, steal credentials and propagate malware from a single victim to multiple targets.
Despite this, only 26 percent of executives say engaging with suppliers about their security credentials is a priority for the next year. Considering some of the high-profile attacks that have occurred through third-party suppliers, prioritizing this area is crucial for building resilience and protecting a company's physical and intellectual property.
JR: Overall, the research seems to indicate an uptick in industrial cybersecurity investment. What factors do you feel have contributed to this the most?
KD: Manufacturers are responding to both the sheer rise in attacks—37 percent report a significantly higher volume compared to last year—and the attention brought by high-profile breaches, which 65 percent of executives say pushed cybersecurity higher on the C-suite agenda.
AI-powered threats and geopolitical tensions are also accelerating the urgency. While there’s no single “landmark” event, the cumulative effect of ransomware campaigns, major supply chain compromises like Colonial pipeline, Jaguar, and SolarWinds, and highly publicized attacks against critical infrastructure has made cybersecurity impossible to sideline.
JR: Based on the report’s findings, what types of attacks do you think manufacturers are most susceptible to right now?
KD: Manufacturers remain highly susceptible to some of the most traditional forms of cyberattacks, including ransomware, social engineering, phishing, and insider threats.
These methods continue to be effective because of the sector’s reliance on legacy systems, the complexity of IT and OT environments, and the broad attack surface created by interconnected supply chains. Even as new AI-driven threats emerge, these tried-and-true tactics are still among the most disruptive for manufacturing organizations.
JR: Are there any threat actors or tactics that are really lighting up your radar?
KD: We’re watching the evolution of AI-powered attacks closely. Deepfakes and synthetic identity attacks, software supply chain attacks, and AI-powered attacks are the top three emerging threats that concern manufacturing leaders, and for good reason.
AI is expected to supercharge cyberattacks, enabling threat actors to automate phishing, generate convincing deepfake content, and even craft malware variants that evade detection from tools like EDR. Add to that the sector’s reliance on IoT devices and legacy systems, and you have a wide attack surface that adversaries are already exploiting.
JR: If feels like employee cybersecurity training continues to lag in the industrial sector. Why do you think this continues to be the case, and what can be done to improve in this area?
KD: Part of the challenge is cultural. Cyber resilience has often been seen as the responsibility of IT or security teams rather than the entire workforce. There is definitely room for organizations to foster more resilient cultures, as less than half (44 percent) say they have an effective company-wide cybersecurity culture.
Improvement comes from building security into daily operations—measuring leadership against cybersecurity KPIs, expanding training beyond IT staff to educate them about emerging threats and best practices, encouraging safe online behaviors across the organization, and making it easy for employees to report potential threats. External training partners can also help scale awareness and keep programs fresh and relevant.
JR: As it relates to cybersecurity as a whole, what do you feel will be the most significant trends over the next 12-18 months?
KD: Three trends stand out. First, the rise of AI—both as a weapon for attackers and as a defensive tool. Manufacturers are investing heavily in machine learning for pattern matching and AI-driven threat detection.
Second, the need for stronger supply chain security. With only a quarter of organizations making supplier engagement a priority, this will become an area of urgent focus.
And third, the cultural shift: we’ll see more organizations measuring business leaders on cybersecurity outcomes and integrating security into business strategy. The report shows that aligning cybersecurity with business goals is now a priority among board members, as 64 percent said their cybersecurity teams are highly or very highly aligned with the wider business, and further alignment is a top-three priority for the next 12 months.
