Electronics Industrial IoT cybersecurity: As strong as its weakest link

Many electronics manufacturing companies don’t properly protect against cyberattacks when implementing Industrial Internet of Things (IIoT) sensors and technologies.
Download the study infographic

You wouldn’t leave your plant door unlocked, would you? Yet electronics manufacturers might be exposing intelligent equipment and automated processes to potentially more dangerous risk.

Manufacturing plants are becoming instrumented and connected. They are transforming into cyber-physical systems, with the IIoT as a core component of cognitive manufacturing. IIoT devices and sensors embedded in physical assets provide data about the functioning of these systems. When this data is analyzed, it gives organizations a better understanding of their manufacturing operations and brings new business and operational opportunities to light.

Manufacturing operations are among the most expensive parts of the electronics value chain. While IIoT provides insight, it can also increase the risk of exposure to potential cyberattacks and damage on multiple fronts. Each point presents a new opportunity for unauthorized entry. Whether caused by cyber hackers, competing companies, countries engaged in corporate espionage or even disgruntled employees, losses can mount quickly once under attack. The risks may include equipment failure, loss of critical data and corporate reputation, or even injury and loss of life.

IIoT technologies can vastly improve operational efficiencies, yet they also expose potential new attack surfaces and security targets if not properly protected. Each new machine joins “a system of systems” as it connects to additional IIoT devices. Technological expansions such as 5G will likely increase the use of IIoT technologies by providing the infrastructure needed to carry huge amounts of data. But this also widens the attack surface. Virtually anything can become vulnerable, from high value assets or services, critical workloads in the cloud, process control subsystems in cyber-physical systems to critical business and operational data.

Protect the entire Electronics IIoT system

Organizations need capabilities that will protect not only their assets and networks, but also their entire IIoT ecosystems. Equally important is the ability to respond quickly and effectively in the event of a breach. Organizations of virtually all types must work to keep pace with ever-evolving IIoT threats.

To better understand IIoT security risks and implications, the IBM Institute for Business Value (IBV) partnered with Oxford Economics to survey 700 executives. They represent 700 companies in 18 countries from the energy and industrial sectors, of which 269 were electronics. They are all implementing IIoT in their plants.

The two most prevalent applications are for real-time equipment monitoring and predictive maintenance, at 65 percent and 58 percent. Automation of machines and processes are also common applications, with 45 percent and 43 percent using IIoT technologies to automate machines and workflow respectively.

Electronics companies are aware of the cybersecurity risks and are working to manage their security spending accordingly. But they are less clear on the combination of IIoT cybersecurity capabilities—skills, controls, practices and protective technologies—required to secure their current and future business from IIoT threats.

Amid the rapid adoption of new technology, companies not prioritizing appropriate cybersecurity protection measures expose themselves to significant risks, including exposure of sensitive data and production disruptions resulting from sabotage.

From a spending perspective, 61 percent of electronics respondents report that protecting sensitive data is the primary driver of their IIoT cybersecurity spending. More than 50 percent also cite reducing events, incidents and breaches as a primary driver.

The greatest IIoT-related risk for electronics companies is the exposure of sensitive data. In fact, of all the types of IIoT-cybersecurity incidents (suspected, attempted and successful incursions) that occur in the electronics industry, data leakage is number one.

Bookmark this report  

Additional content

Meet the authors

Martin Borrett

Connect with author:


Peter Xu

Connect with author:


Cristene Gonzalez-Wertz, Global Electronics, Environment, Energy, and Utilities Research Leader, IBM Institute for Business Value

Lisa-Giane Fisher

Connect with author:

, Leader, Middle East and Africa, and Global Benchmark Research leader, Utilities industry, IBM Institute for Business Value

Download report translations

Originally published 18 October 2018