Cyber threats are constantly evolving—especially for industry. Prevention is essential. However, given limited resources, a key question arises: where can the most effective measures be taken?
According to a VDMA survey, companies expect cybersecurity incidents to increase in the coming years.
Around 54% of the companies surveyed in the VDMA "Industrial Security" study anticipate an increase in security incidents in their own company in the coming years. This assessment is also reflected in other studies and is supported by developments in recent years. The trend is pointing steadily upwards. Cyber attacks are on the rise and are becoming increasingly sophisticated.
For companies, this in turn means that the threat is not only increasing, but is also becoming increasingly difficult to detect. In addition, attacks are increasingly targeting small and medium-sized companies, whose resources in the area of cyber security are often limited.
However, preventive IT security measures are not a question of "if", but of "how many". Even small, low-threshold actions can make a decisive contribution to better securing your own company and protecting it from hacker attacks.
The Domino Effect of a Cyberattack
If a cyberattack occurs, an affected company often has to deal with the security incident for several days or even weeks. The consequences for industrial companies in particular, where technology, supply chains and partner companies are often affected in the event of an attack, are serious in most cases. According to the VDMA study, the affected companies mostly suffer capital losses (32%) and production losses (29%).
Two examples illustrate these risks. The turbine manufacturer Wiegert & Bähr was the victim of a hacker attack. The fraudsters gained access to an employee's email account and changed the bank details on two invoices. The money, totaling almost half a million US dollars, was then transferred to an account in Spain. Because the invoices looked deceptively genuine, the fraud was discovered only by chance, and the payments were stopped in time.
The situation is much more drastic following a hacker attack at plant manufacturer Kreisel GmbH & Co. KG. The company with 140 employees was attacked by hackers in 2024 and was paralyzed for several weeks. The plant manufacturer had to file for insolvency at the beginning of 2025. The financial imbalance responsible for this resulted, among other things, from the security incident in the previous year.
The examples show impressively what effects a hacked email inbox, for example, can have on the entire company structure. Processes, machines and relationships with employees and partners are put to the test during cyber attacks or, in the worst case, can even be compromised. Production downtimes and delivery difficulties are then consequences that can quickly threaten the existence of small and medium-sized companies in particular.
Only the Weak Link is Safe: Cyber Threats for Industrial Companies
A cyberattack can have many faces. Due to the increased use of artificial intelligence by hackers, incidents are becoming increasingly difficult for companies to recognize as such. The VDMA study identifies "social engineering and phishing" (1st place), "human error and sabotage" (2nd place) and "software and hardware vulnerabilities in the supply chain" (3rd place) as the threats with the highest risk assessment on the part of the companies surveyed.
This picture is consistent with current developments in the field of cyber security. Phishing attacks in particular have been successful for years in sabotaging companies and their data. Attackers attempt to steal sensitive information such as usernames, passwords or credit card details by posing as trustworthy institutions and tapping into confidential data through fake emails, websites or messages.
In recent years, attackers have also increasingly relied on the human factor to gain access to sensitive information. This is precisely where social engineering comes in: it deliberately exploits the human factor to obtain passwords, for example.
In addition to the aforementioned supply chain security, OT (operational technology) security is also an important factor in protecting industrial companies. While cyber criminals target the weakest link in an attack on the supply chain in order to compromise the entire supply chain, attacks on OT systems use the systems themselves as door openers and give cyber criminals access to data and networks.
Date: 08.12.2025
Proactivity Instead of Waiting
The security situation for industrial companies is coming to a head. Waiting to take preventive measures will have consequences sooner or later. Even the first steps in the area of cyber security can have a major impact and better protect a company and its data from cyber attacks.
This includes measures in the areas of password security, backup structure and employee sensitization. Companies must ensure that their team uses complex passwords and, ideally, two-factor or even multi-factor authentication. This method confirms the identity of employees with an additional security measure and thus prevents unauthorized access to systems and data.
Many companies are often negligent when it comes to backups. However, backups are a decisive factor when it comes to restoring data or a system. In addition to the continuous creation of backups, it is important that the backups are regularly checked and updated.
Furthermore, in addition to two physical copies, one should also be stored in the cloud. This backup process should be recorded transparently, communicated within the company and, above all, adhered to. This is the only way a backup can really help in an emergency and avoid lengthy process restrictions.
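One way to make the "regularly checked" part of this backup rule concrete is an automated check like the following. It is an added example, not part of the original article. It assumes the cloud copy is synced to a local path, that a manifest of SHA-256 hashes is written when the backup is created, and a 7-day freshness limit; all file and directory names are constructed.

```python
import hashlib
import tempfile
import time
from pathlib import Path

MAX_AGE_DAYS = 7  # assumed freshness policy; the article gives no number

def sha256_of(path):
    return hashlib.sha256(path.read_bytes()).hexdigest()

def check_copy(root, manifest, now):
    """Return the problems found in one backup copy (empty list = healthy)."""
    if not root.is_dir():
        return ["copy missing"]
    problems, newest = [], 0.0
    for rel, expected in manifest.items():
        f = root / rel
        if not f.is_file():
            problems.append(f"{rel}: missing")
            continue
        newest = max(newest, f.stat().st_mtime)
        if sha256_of(f) != expected:
            problems.append(f"{rel}: hash mismatch")
    if newest and now - newest > MAX_AGE_DAYS * 86400:
        problems.append("stale: newest file older than policy")
    return problems

def check_backup_set(copies, manifest, now=None):
    """copies: {label: (kind, Path)} with kind 'physical' or 'cloud'.
    Returns (policy_ok, report); policy = 2 healthy physical + 1 healthy cloud."""
    now = time.time() if now is None else now
    report = {label: check_copy(path, manifest, now) for label, (_, path) in copies.items()}
    healthy = {"physical": 0, "cloud": 0}
    for label, (kind, _) in copies.items():
        healthy[kind] += not report[label]  # a copy with no problems counts as healthy
    return healthy["physical"] >= 2 and healthy["cloud"] >= 1, report

def demo():
    """Constructed sample: three copies of one file, one silently corrupted."""
    base = Path(tempfile.mkdtemp())
    data = b"constructed sample: plc-config export\n"
    manifest = {"plc-config.bak": hashlib.sha256(data).hexdigest()}
    copies = {"nas": ("physical", base / "nas"), "usb": ("physical", base / "usb"),
              "cloud": ("cloud", base / "cloud-sync")}
    for _, path in copies.values():
        path.mkdir()
        (path / "plc-config.bak").write_bytes(data)
    (copies["usb"][1] / "plc-config.bak").write_bytes(b"bit rot")  # simulate corruption
    return check_backup_set(copies, manifest)
```

Calling `demo()` shows the policy failing because only one of the two physical copies still matches the manifest, which is the kind of silent damage that goes unnoticed when backups are created but never verified.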
Employee sensitization is becoming increasingly important. As the threats have shown, the human factor is increasingly at the center of hacker attacks. Cybersecurity training courses that convey the topic in a practical way and are tailored to the company ensure that the fear of misconduct is allayed and that staff react correctly in the event of a security incident.
Securely Positioned for a Digital Future
Cyber resilience is not just a trending topic, but a key factor for companies to remain future-proof and competitive. Industrial companies need to take a close look at their processes and supply chains and minimize cyber risks as much as possible. This is the only way to mitigate the impact of cyber attacks.
In addition to mandatory measures that arise for affected companies as a result of directives such as the NIS2 Directive or the Cyber Resilience Act, small and medium-sized enterprises in particular should evaluate cyber security in their company in detail and derive concrete actions. Only companies that strategically anchor the topic within the company will remain on an equal footing in digital competition.
Marc Dönges is project manager at the cyber security transfer office for SMEs