Securing the Edge in AI-Enabled Smart Factories

Growing data needs have manufacturers between a rock and a hard place.

Sase Supatman
istock.com/Supatman
Brian Anderson
January 29, 2026

Factories are becoming “smarter” by the minute, powered by a complex web of artificial intelligence (AI), robots, digital twins, and remote partners. While these technologies have positively impacted productivity and efficiency, they’ve also turned the manufacturing edge (plants, kiosks, remote sites, etc.) into a massive new attack surface that is constantly expanding. 

It’s no longer enough to secure production lines alone; manufacturers need to lock down the AI models, sensors, and connected systems driving them. 

Cybercriminals are acutely aware of this explosion of attack vectors and are increasingly targeting operational technology (OT) and industrial internet of things (IIoT) systems. Entry points like hybrid devices, weak partner access, legacy equipment, and unprotected AI workflows make the perfect pathways for threat actors to gain entry and carry out attacks. 

In fact, manufacturing has faced the most cyberattacks of any industry globally for the past four consecutive years. Furthermore, the Cybersecurity and Infrastructure Security Agency (CISA) warns that the critical manufacturing sector is at heightened risk due to expanding OT attack surfaces

Manufacturers are stuck between a rock and a hard place: OT systems are exposing them to risk, but at the same time, OT manufacturing data is the lifeblood of the organization and a critical revenue driver. They need to connect to the cloud via these systems to support data analytics, process optimization, and, ultimately, more efficient manufacturing. 

AI is further complicating this issue. The widespread adoption of open-source large language models (LLMs) without guardrails has lowered the barrier to entry for threat actors to go after these sensitive environments. 

Today, breaking into an organization can be as simple as asking a malicious LLM to help navigate the MITRE ATT&CK chain and—boom—an attack path that once required deep expertise to exploit is laid out for threat actors on a silver platter in a matter of seconds. 

We saw something similar unfold recently when cybercriminals used Anthropic’s Claude Code to conduct a highly automated cyber espionage attack. Alarmingly, Claude Code performed up to 80-90 percent of the tasks, with only four to six critical decision points per hacking campaign made by the hackers themselves, underscoring how little human intervention is needed to carry out sophisticated attacks.

In this new and evolving environment, one thing is certain: traditional, perimeter-based defenses are no longer cutting it. Manufacturers need to assess their edge risk, secure their partner networks, and adopt unified, future-proof security architectures before they become the next data breach headline. 

Here’s the path forward:

  • Create an accurate asset inventory. When it comes down to it, you can’t protect what you don’t know you have. Most manufacturing facilities are incredibly expensive to build and are designed to run for decades. This creates significant security blind spots if an accurate asset inventory is not built from the get-go. Having an up-to-date, ongoing record of every OT asset, controller, sensor, and connected system makes the environment much easier to protect.
  • Secure partner networks. Nearly every manufacturing company outsources some portion of its maintenance and equipment monitoring to a third-party. As a best practice, untrusted remote users should always be subject to additional scrutiny such as intrusion prevention systems (IPS), transport layer security (TLS) Inspection, anti-malware, and posture checks to ensure that all third-party devices meet the security requirements of the organization.
  • Go beyond perimeter-based defenses. Virtual private networks (VPNs) and remote access tools (like TeamViewer) have traditionally been the go-to security methods to protect manufacturing environments. But these perimeter-based defenses are quickly becoming obsolete as attack surfaces expand and cybercriminals are emboldened by AI. Today, VPNs and concentrators are a very common entry point for threat actors, as seen in the aforementioned Claud Code attack.

Secure access service edge (SASE) platforms provide a much more secure mechanism for remote access, and succeed even where proxy-based security service edge (SSE) solutions fall short. 

For instance, proxy-based SSE solutions don’t allow native tools to send out "pings" to discover devices in the manufacturing environment, making it difficult to know the IP addresses of the devices you need to manage across multiple sites and customers. Hiding your infrastructure behind a SASE provider increases security posture while decreasing your outward-facing attack surface.

The manufacturing attack surface will only continue to grow. Facilities are becoming more connected, and new tools and technologies are constantly being introduced to boost efficiency and drive the bottom line. 

It’s never been a more crucial time for manufacturing companies to button up their security. By creating an inventory of their assets, securing partner networks, and adopting a SASE platform, manufacturers can thwart attacks without slowing down the factory floor.

Related Stories
Deepfake Orhan Turan
Cybersecurity
How AI Is Transforming Cybersecurity Threats in 2026
General Cyberattack
Cybersecurity
Inside The Mind of a Hacker
Russian Hacker Dmitry Nogaev
Cybersecurity
Hacktivists Are an Overlooked Threat, but That Threat Is Increasing
Cybersecurity
Cybersecurity
Indurex Launch to Advance Safety, Cybersecurity Resilience Across Cyber-Physical Systems
More in Cybersecurity
Cybersecurity
Automotive Ransomware Attacks More Than Doubled in 2025
More AI, expanded autonomous technologies and evolving threat actors are elevating cyber risks.
Automobile Cockpit, Various Information Monitors And Head Up Displays
Cybersecurity
SBOM Regs Rolled Back
The two Biden-era memoranda required agencies to obtain software security attestations before deployment.
Us Binary Flag Mirsad Sarajlic
Cybersecurity
Threats Targeting Employee Credentials Surge 389 Percent
Credentials are being stolen in as little as 14 minutes.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
Shadow AI Threats Grow
Productivity pressures are pushing many to bypass safeguards, increasing exposure to data leaks.
Insider Threat Leo Wolfert
Cybersecurity
Report Shows AI-Enabled Threats As Top Concern
AI could help hackers take greater advantage of visibility shortcomings.
Computer Crime Concept 516607038 2125x1416 (1)
Cybersecurity
The Domino Effect of a Data Breach
Here are some strategies to detect breaches faster and limit their capacity for damage.
Coding
Cybersecurity
AI Won’t Replace the Cybersecurity Workforce, But It Will Redefine It
AI is framed as a multi-faceted solution, but the conversation often goes off course.
Ai Your Photo
Cybersecurity
Security Breach: Strengthening Your Weakest Links
All the little things can kill a cybersecurity strategy, but there are ways to tie them all together.
Ep157
Cybersecurity
The Rise of Identity and Data Security Dependency
Predictions on what will shape industrial cybersecurity in 2026 and beyond.
Protection Background Technology Security 524882074 701x502 (1)
Cybersecurity
How AI Is Transforming Cybersecurity Threats in 2026
Social engineering, deep fakes and more will benefit from the evolution of artificial intelligence.
Deepfake Orhan Turan
Cybersecurity
Inside The Mind of a Hacker
The report details how hackers are moving to a more collaborative, AI-enhanced approach.
General Cyberattack
Cybersecurity
Hacktivists Are an Overlooked Threat, but That Threat Is Increasing
Larger attack surfaces and complex supply chains offer opportunities for greater chaos.
Russian Hacker Dmitry Nogaev
Page 1 of 55
Next Page