By Robbie Ross, Cyber Security Lead, Converged Communication Solutions. Article first published by CeeD, as part of its Cyber Resilience Focus, March 2026.
Manufacturing has always operated with a careful balance between innovation and risk. Automation, supply chain dependency, safety considerations and uptime pressure all shape how new technologies are adopted.
AI is the latest example. It offers significant gains in efficiency and insight, but it also introduces new challenges for cyber resilience.
Like previous waves of industrial technology, AI brings both opportunity and risk. It is helping manufacturers optimise production, predict equipment failures and improve quality control. At the same time, it is changing how cyber attackers operate.
Scottish Manufacturers Are Already Feeling the Pressure
Scottish manufacturing firms are already familiar with the operational impact cyber incidents can have. Several well-known industrial organisations have experienced attacks that caused disruption, downtime, and significant recovery effort.
Attackers are using AI to make their work faster, more convincing, and harder to detect.
This isn’t about scaremongering. It’s about recognising that the threat is evolving. Cyber risk in manufacturing is no longer theoretical – it is operational.
What Manufacturing Environments Actually Look Like
Anyone working in manufacturing knows that these environments are complex – a reality we encounter often when supporting clients across the sector. You’ll typically find PLCs, SCADA systems, CNC machines, conveyors, smart sensors, MES platforms, and ERP systems operating together across production and business systems.
There are also realities that can often be underestimated:
- Legacy systems that still run critical processes
- Downtime windows that are planned months in advance
- Safety‑critical operations that can’t simply be “patched”
- Highly specialised engineering knowledge
- Increasing overlap between IT and OT
- Vendors connecting remotely for maintenance
This complexity is exactly why AI, on both the offensive and defensive side, matters.
How AI Is Making Attacks More Effective
AI is allowing attackers to automate and scale familiar techniques. For manufacturers, that can mean:
- More believable phishing emails aimed at employees, procurement or finance
- Fake supplier communications that look legitimate
- Automated scanning for vulnerabilities
- Malicious software that adapts to avoid detection
- Targeted mapping of industrial networks
- Faster password guessing and lateral movement
The impact is the same as ever: downtime, lost IP, significant financial losses, supply chain disruption and safety concerns. What has changed is the speed and sophistication with which these attacks can unfold.
How AI Can Strengthen Defences
The good news is AI is not just a threat; it is also a powerful defensive tool. It can analyse vast amounts of data in real-time, identify unusual network behaviour, detect subtle changes in traffic, predict attack paths and accelerate response.
Increasingly, these capabilities are embedded in modern monitoring and security operations platforms. For example, Security Operations Centres (SOCs) and Security Information and Event Management (SIEM) platforms now use machine learning to analyse network activity, identify anomalies and highlight potential threats far earlier than traditional tools could.
Manufacturing has unique pressures that make cyber incidents particularly painful:
- Downtime hits revenue immediately
- Recovery often involves recalibrating machinery, not just restoring files
- Some systems can’t be patched easily
- Safety systems can be affected
- Supply chain disruption quickly snowballs
In this context, cyber resilience and operational resilience are increasingly the same thing, and when AI is used correctly it can support both.
However, AI isn’t a silver bullet. It still needs good data, good configuration, and human oversight. It can create false positives. Poor configuration can introduce new risks. And AI systems themselves need to be secured. The goal is to enhance human expertise, not replace it.
Practical Steps for Manufacturing Leaders
Manufacturers can strengthen resilience by focusing on several practical areas:
- Understand where AI is already being used in your business
- Check the security of AI‑enabled tools and vendor integrations
- Improve visibility across IT and OT
- Implement advanced monitoring and detection capabilities
- Test incident response plans with AI‑enabled attacks in mind
- Treat cyber resilience as part of operational planning
- Work with partners who understand industrial environments
AI in manufacturing isn’t inherently good or bad – it’s a capability. The organisations that treat it purely as a productivity tool risk overlooking its security implications. Those that integrate it into their resilience strategy will be better placed to protect their people, their production, and the continuity of their operations.
About the Author
Robbie Ross is Cyber Security Lead at Converged Communication Solutions, part of the Converged Solutions Group. Combining a background in policing and Counter Terrorism with a strong focus on supporting businesses, he brings a practical, risk-based approach to cyber security, helping organisations strengthen resilience and manage risk effectively.
About Converged Communication Solutions
Converged Communication Solutions, part of the Converged Solutions Group, provides connectivity, IT, cyber security and communications services to organisations across the UK. Working as part of a wider group of specialist businesses, it supports clients in designing, delivering and managing secure, reliable technology environments that underpin day-to-day operations.
