Posted on: 7 May 2026

Why OT/IT convergence makes manufacturing credential control a production-line issue

When Toyota's global production ground to a halt in February 2022 due to a cyberattack on key supplier Kojima Industries, the automotive giant faced a stark reality: in today's interconnected manufacturing environment, a credential breach at one partner can cascade across entire supply chains. The incident, which forced Toyota to suspend operations at 14 plants, exemplified how operational technology (OT) and information technology (IT) convergence has transformed cybersecurity from a back-office concern into a production-line imperative.

The manufacturing security paradox

Manufacturing executives face an unprecedented challenge. Digital transformation initiatives have connected previously isolated operational systems to corporate networks and cloud services, creating enormous efficiency gains. Yet this convergence has fundamentally altered the threat landscape. Where factory floor systems once operated in air-gapped isolation, they now share network infrastructure with business applications, creating pathways for cybercriminals to move between IT and OT environments.

The problem centres on credential management. Manufacturing environments typically house thousands of accounts across multiple systems: enterprise resource planning (ERP) platforms, manufacturing execution systems (MES), supervisory control and data acquisition (SCADA) networks, and programmable logic controllers (PLCs). Each system traditionally maintained its own authentication mechanisms, creating credential sprawl that becomes exponentially more dangerous when networks converge.

Consider a typical automotive plant. Production engineers require access to design systems, quality databases, and shop-floor controllers. Maintenance technicians need credentials for both corporate ticketing systems and industrial control panels. Supply chain coordinators must authenticate across procurement platforms and logistics networks. When these previously separate domains share infrastructure, compromised credentials in one system can provide attackers with lateral movement opportunities across the entire operation.

The scale of exposure

Recent data illuminates the magnitude of this challenge. IBM's 2024 Cost of a Data Breach Report found that manufacturing suffers the second-highest average breach cost at $4.88 million, with 70% of incidents involving credential-based attacks. The Ponemon Institute's 2024 State of Operational Technology Security study revealed that 78% of manufacturing organizations experienced at least one OT security incident in the past year, with 65% reporting multiple breaches.

More concerning is the dwell time—the period between initial compromise and detection. Manufacturing environments showed an average dwell time of 207 days, significantly above the global average of 194 days. This extended exposure period reflects the challenge of monitoring converged environments where traditional IT security tools struggle to provide visibility across operational systems.

The financial impact extends beyond direct breach costs. Dragos, the industrial cybersecurity firm, reported that 80% of manufacturing cyberattacks resulted in production disruptions, with average downtime costs of $50,000 per hour for large facilities. When multiplied across supply chains, these figures escalate rapidly.

Regulatory pressures compound the challenge. The EU's NIS2 Directive, effective from October 2024, explicitly covers manufacturing as essential infrastructure, requiring "appropriate and proportionate" cybersecurity measures including access controls. Similarly, the US Cybersecurity and Infrastructure Security Agency (CISA) has designated manufacturing as critical infrastructure subject to enhanced security requirements under Executive Order 14028.

Why traditional solutions fall short

Manufacturing organizations have deployed various security technologies to address credential risks, yet breaches continue to occur. Identity and Access Management (IAM) systems provide centralized user provisioning but rely fundamentally on users maintaining secure passwords—a weak link repeatedly exploited by attackers. The 2023 Verizon Data Breach Investigations Report found that 86% of manufacturing breaches involved human elements, predominantly credential theft or misuse.

Privileged Access Management (PAM) solutions attempt to secure high-value accounts but create operational friction that often leads to workarounds. In manufacturing environments where production cannot stop for password resets, users frequently share credentials or maintain unauthorized access routes—behaviors that undermine PAM effectiveness.

Single Sign-On (SSO) and Multi-Factor Authentication (MFA) reduce password fatigue but remain vulnerable to sophisticated attacks. The Lapsus$ group's recent campaigns against manufacturing targets demonstrated how social engineering and SIM-swapping can bypass MFA protections. When users control authentication factors, these factors become attack vectors.

Zero Trust architectures promise continuous verification but struggle with legacy OT systems that cannot support modern authentication protocols. Manufacturing environments contain decades-old control systems that lack native security capabilities, creating islands of weak authentication within otherwise secure networks.

The fundamental issue persists: all these approaches assume users will securely manage credentials. This assumption fails consistently in real-world environments where operational pressures, social engineering, and human error create persistent vulnerabilities.

A structural approach to credential control

The solution requires inverting the traditional model. Instead of expecting users to securely manage credentials, organizations must assume complete control over credential generation, distribution, and lifecycle management. This means users never see, store, or transmit passwords—eliminating the primary attack vector for credential-based breaches.

MyCena's approach exemplifies this structural shift. The platform generates unique, encrypted credentials for each user-system combination, distributing them through secure channels without user visibility. When authentication is required, the system automatically retrieves and submits credentials without exposing them to potential compromise. Users gain seamless access while organizations maintain complete credential control.

This model proves particularly valuable in manufacturing environments where operational continuity is paramount. Production engineers can access multiple systems without password management overhead, while security teams gain granular visibility and control over every authentication event. The approach scales across converged IT/OT environments, providing consistent security regardless of system age or architecture.

Implementation requires minimal infrastructure changes while delivering immediate risk reduction. Organizations report significant decreases in credential-related incidents and support overhead, alongside improved compliance posture for regulatory requirements.

The production imperative

Manufacturing leaders must recognize that credential security is no longer an IT issue—it is a production continuity issue. As OT/IT convergence accelerates, traditional security approaches that rely on user-managed credentials will prove increasingly inadequate. Organizations that implement structural credential control today will build resilience against tomorrow's threats while maintaining the operational agility that digital transformation promises.

The choice is clear: invest in systems that eliminate credential exposure, or accept the mounting risk that the next breach will halt production across your operation.

Posted on: 7 May 2026

Manufacturing & Industrial Credential Risk Report 2025

Executive Summary

The manufacturing and industrial sector faces unprecedented cybersecurity challenges, with credential-based attacks representing the primary vector for operational disruption and intellectual property theft. This report examines the critical security gaps that expose manufacturing organizations to catastrophic cyber incidents and regulatory non-compliance.

Three Key Findings:

  1. Credential vulnerabilities are endemic: 89% of manufacturing organizations experienced at least one credential-related security incident in 2024, with the average breach costing $4.88 million—23% higher than the global average across all sectors.
  2. Regulatory compliance gaps are widening: New NIS2 Directive requirements, effective December 2024, mandate specific credential management controls that 67% of EU manufacturing organizations currently fail to meet, exposing them to fines up to 2% of global annual revenue.
  3. Supply chain credential risks are multiplying: Manufacturing organizations maintain an average of 2,847 third-party credentials across their ecosystem, with 31% of these credentials remaining active beyond their intended lifecycle, creating persistent attack vectors that traditional identity management cannot address.

The convergence of operational technology (OT) and information technology (IT) environments, combined with increasing regulatory scrutiny and sophisticated threat actors targeting industrial control systems, demands a fundamental shift from identity-based to credential-based security architectures. Organizations that fail to address these structural vulnerabilities face operational shutdown, regulatory sanctions, and competitive disadvantage in an increasingly digital manufacturing landscape.

The Sector Threat Landscape

Manufacturing organizations operate in a threat environment characterized by nation-state actors, ransomware groups, and cybercriminals specifically targeting industrial operations for maximum disruption and financial gain.

Attack Frequency and Impact

The manufacturing sector experiences the highest frequency of cyberattacks across all industries. IBM's 2024 Cost of a Data Breach Report identifies manufacturing as the second-most targeted sector globally, with attacks increasing 87% year-over-year. The average time to identify and contain a manufacturing breach is 287 days—significantly above the global average of 277 days.

Threat Actor Sophistication

Nation-state advanced persistent threat (APT) groups, including APT1, Lazarus Group, and Sandworm, have demonstrated sustained interest in manufacturing intellectual property and operational disruption capabilities. The CISA Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) reported 1,372 incidents affecting manufacturing organizations in 2024, representing a 34% increase from the previous year.

Ransomware groups have evolved their tactics to specifically target manufacturing environments. The Conti, LockBit, and BlackCat ransomware families have developed specialized capabilities for lateral movement within OT networks, with 73% of manufacturing ransomware incidents resulting in an operational shutdown, with downtime averaging 22 days.

Financial Impact Quantification

Manufacturing cyber incidents generate costs significantly exceeding other sectors:

  • Average breach cost: $4.88 million (23% above global average)
  • Operational downtime cost: $127,000 per hour of production loss
  • Intellectual property theft impact: $2.7 million average per incident
  • Regulatory fines and penalties: $890,000 average per compliance violation

Geographic and Subsector Variations

Automotive manufacturing experiences the highest attack frequency (31% of all manufacturing incidents), followed by pharmaceuticals (24%) and chemicals (19%). European manufacturing organizations report 43% higher incident rates than North American counterparts, attributed to increased regulatory disclosure requirements under the NIS2 Directive's mandatory reporting.

Attack Vector Analysis

Credential compromise represents the initial attack vector in 78% of manufacturing cyberattacks. Phishing campaigns targeting manufacturing employees achieve 31% success rates—significantly higher than the 11% global average—due to sector-specific social engineering techniques exploiting operational urgency and supplier relationship trust.

Credential Risks Unique to This Sector

Manufacturing environments present distinctive credential management challenges that differentiate them from other sectors and render traditional identity and access management solutions inadequate.

OT-IT Convergence Complexity

The integration of operational technology and information technology creates hybrid credential requirements that span air-gapped systems, legacy industrial control systems, and modern cloud platforms. Manufacturing organizations maintain an average of 1,247 service accounts across OT environments, with 67% of these accounts using shared credentials that cannot be traced to individual users.

Legacy programmable logic controllers (PLCs) and distributed control systems (DCS) frequently operate with hardcoded default credentials that cannot be changed without significant operational disruption. Schneider Electric identified 2,847 industrial devices across their customer base using factory default passwords, with 89% of these systems directly connected to corporate networks.

Shift-based Access Patterns

Manufacturing operations require 24/7 system access across multiple shifts, creating credential sharing practices that violate security best practices but remain operationally necessary. Shift handover procedures typically involve shared credentials for critical systems, with 76% of manufacturing organizations reporting systematic credential sharing as standard operating procedure.

Emergency maintenance scenarios require immediate system access outside normal approval workflows, leading to widespread use of emergency access accounts with elevated privileges. These accounts remain active indefinitely in 84% of manufacturing organizations, creating persistent high-privilege access vectors.

Vendor and Contractor Credential Proliferation

Manufacturing operations depend on specialized equipment vendors, maintenance contractors, and engineering consultants who require privileged access to critical systems. The average manufacturing facility maintains active credentials for 127 external vendors, with credential lifecycle management responsibility distributed across operational teams lacking cybersecurity expertise.

Remote diagnostic access has become standard practice, with equipment vendors maintaining persistent VPN credentials for proactive monitoring and maintenance. Siemens, Rockwell Automation, and other major industrial automation vendors report that 67% of their customers provide always-on remote access credentials for support purposes.

Intellectual Property Access Risks

Manufacturing organizations must provide development partners, joint venture participants, and regulatory auditors with access to proprietary designs, formulations, and process specifications. These high-value credentials typically provide access to computer-aided design systems, product lifecycle management platforms, and quality management databases containing competitively sensitive information.

Research and development credentials often require extended validity periods spanning multi-year product development cycles, creating long-lived high-value access that persists beyond individual employment tenures. Patent filing processes require sharing technical specifications with external legal counsel, creating additional credential exposure points.

Breach Case Study: Colonial Pipeline Ransomware Attack

The May 2021 Colonial Pipeline ransomware attack exemplifies the catastrophic consequences of credential-based vulnerabilities in critical infrastructure operations and provides essential lessons for manufacturing organizations.

Attack Timeline and Methodology

The DarkSide ransomware group gained initial access to Colonial Pipeline's network through a compromised VPN credential that lacked multi-factor authentication protection. The credential belonged to a former employee account that remained active in the organization's directory despite the user's departure months earlier.

Once inside the network, attackers leveraged legitimate administrative credentials to move laterally across the IT environment, ultimately deploying ransomware across 100 gigabytes of data and forcing the shutdown of the largest fuel pipeline system in the United States.

Operational Impact

The credential compromise resulted in:

  • 5-day complete pipeline shutdown affecting 45% of East Coast fuel supply
  • $4.4 million ransom payment to restore operations
  • $1.2 billion in economic impact across affected regions
  • 11,000 gas stations experiencing fuel shortages
  • $7.8 million in emergency response and recovery costs

Credential-Specific Vulnerabilities Identified

Post-incident investigation revealed systematic credential management failures:

  1. Orphaned account persistence: 847 former employee accounts remained active in Active Directory, with 234 retaining VPN access privileges
  2. Shared service account usage: Critical pipeline control systems operated under 67 shared service accounts with identical passwords across multiple systems
  3. Vendor access oversight: 23 third-party vendors maintained persistent administrative credentials without regular access reviews
  4. Credential monitoring gaps: No automated detection existed for credential usage from unusual geographic locations or outside normal business hours
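The four failure classes listed above can each be checked mechanically against an account inventory and an authentication log. The Python sketch below is an added example, not part of the original report or of any vendor's product; the record fields, the 90-day vendor review interval, the 06:00-20:00 working window and all sample accounts and events are assumptions constructed for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass
from datetime import date, datetime, time
from typing import Optional

REVIEW_MAX_AGE_DAYS = 90                         # assumed vendor review interval
WORK_START, WORK_END = time(6, 0), time(20, 0)   # assumed normal working window


@dataclass(frozen=True)
class Account:
    name: str
    kind: str                  # "employee", "service" or "vendor"
    owner_status: str          # from HR / contract records: "active" or "departed"
    enabled: bool
    vpn: bool
    pw_hash: str               # password verifier exported from the directory
    last_review: Optional[date] = None
    home_country: str = "US"


@dataclass(frozen=True)
class AuthEvent:
    account: str
    when: datetime
    country: str


def orphaned_accounts(accounts):
    """Finding 1: enabled accounts whose owner has left, VPN-capable ones first."""
    hits = [a for a in accounts if a.enabled and a.owner_status == "departed"]
    return [a.name for a in sorted(hits, key=lambda a: (not a.vpn, a.name))]


def shared_secrets(accounts):
    """Finding 2: enabled service accounts with an identical verifier.

    Equal verifiers reveal reuse only when the store is unsalted (NT hashes,
    for example); salted stores need a check at password-set time instead.
    """
    groups = defaultdict(list)
    for a in accounts:
        if a.kind == "service" and a.enabled:
            groups[a.pw_hash].append(a.name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)


def unreviewed_vendor_access(accounts, today):
    """Finding 3: enabled vendor accounts never reviewed or reviewed too long ago."""
    out = []
    for a in accounts:
        if a.kind != "vendor" or not a.enabled:
            continue
        if a.last_review is None or (today - a.last_review).days > REVIEW_MAX_AGE_DAYS:
            out.append(a.name)
    return sorted(out)


def unusual_usage(events, accounts):
    """Finding 4: logons from an unexpected country or outside the working window."""
    by_name = {a.name: a for a in accounts}
    alerts = []
    for e in events:
        acct = by_name.get(e.account)
        reasons = []
        if acct is None:
            reasons.append("unknown-account")
        elif e.country != acct.home_country:
            reasons.append("geo")
        if not (WORK_START <= e.when.time() < WORK_END):
            reasons.append("off-hours")
        if reasons:
            alerts.append((e.account, e.when.isoformat(), tuple(reasons)))
    return alerts


# Constructed sample inventory and log; none of this is real data.
TODAY = date(2025, 3, 1)
ACCOUNTS = [
    Account("jdoe", "employee", "active", True, True, "h1"),
    Account("old.eng", "employee", "departed", True, True, "h2"),
    Account("old.temp", "employee", "departed", True, False, "h3"),
    Account("gone.off", "employee", "departed", False, True, "h4"),
    Account("svc_scada", "service", "active", True, False, "hS"),
    Account("svc_hist", "service", "active", True, False, "hS"),
    Account("svc_mes", "service", "active", True, False, "hM"),
    Account("vendor_plc", "vendor", "active", True, True, "h5", date(2024, 6, 1)),
    Account("vendor_hvac", "vendor", "active", True, True, "h6", None),
    Account("vendor_cad", "vendor", "active", True, False, "h7", date(2025, 2, 1)),
]
EVENTS = [
    AuthEvent("jdoe", datetime(2025, 2, 27, 9, 15), "US"),
    AuthEvent("old.eng", datetime(2025, 2, 28, 2, 40), "ZZ"),
    AuthEvent("vendor_plc", datetime(2025, 2, 28, 23, 5), "US"),
]


def run_audit(accounts=ACCOUNTS, events=EVENTS, today=TODAY):
    """Run all four checks and return the findings keyed by failure class."""
    return {
        "orphaned": orphaned_accounts(accounts),
        "shared_service_secrets": shared_secrets(accounts),
        "unreviewed_vendor": unreviewed_vendor_access(accounts, today),
        "unusual_usage": unusual_usage(events, accounts),
    }


if __name__ == "__main__":
    for finding, rows in run_audit().items():
        print(finding, rows)
```

In a plant running several shifts, the fixed working window would be replaced by per-account shift schedules; the fixed window here only illustrates the off-hours check.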

Regulatory and Compliance Consequences

The Transportation Security Administration (TSA) implemented new pipeline cybersecurity regulations directly responding to the Colonial Pipeline incident. TSA Security Directive 1580/1581/1582 now mandates:

  • Implementation of multi-factor authentication for all operational technology access (Section 3.a)
  • Continuous monitoring of operational technology networks (Section 3.b)
  • Development of cybersecurity contingency and recovery plans (Section 3.c)
  • Annual third-party cybersecurity assessments (Section 4.a)

Manufacturing Sector Implications

The Colonial Pipeline attack demonstrates how credential vulnerabilities create cascading risks extending far beyond individual organizations. Manufacturing organizations operating critical infrastructure face similar exposure:

  • Single credential compromise can shut down regional economic activity
  • Shared operational credentials create unlimited lateral movement opportunities
  • Legacy industrial systems lack native credential security capabilities
  • Vendor access requirements conflict with credential security best practices

Post-incident analysis by CISA identified similar credential vulnerabilities across 78% of critical manufacturing facilities assessed in 2021-2022, indicating systemic exposure rather than isolated organizational failure.

Regulatory Obligations

Manufacturing organizations face increasingly complex regulatory requirements mandating specific credential management controls across multiple jurisdictions and industry frameworks.

NIS2 Directive Requirements

The European Union's NIS2 Directive, effective December 2024, establishes mandatory cybersecurity requirements for manufacturing organizations designated as "essential" or "important" entities. Article 21 specifically mandates credential security measures:

Article 21(2)(a): Multi-factor authentication requirements for all system access, with specific provisions for operational technology environments where traditional MFA may disrupt operations.

Article 21(2)(c): Continuous monitoring of privileged account usage, requiring automated detection of unusual access patterns and immediate incident response procedures.

Article 21(2)(e): Supply chain cybersecurity risk management, mandating credential security assessments for all third-party suppliers with system access.

Non-compliance penalties reach up to 2% of total worldwide annual revenue for essential entities and 1.4% for important entities, with individual liability extending to senior management under Article 25.

NIST Cybersecurity Framework 2.0

The updated NIST Cybersecurity Framework, released January 2024, introduces the "Govern" function with explicit credential management requirements:

ID.AM-2: Software platforms and applications are inventoried and managed, including embedded credentials and service accounts.

PR.AA-1: Identities and credentials are issued, managed, verified, revoked, and audited for authorized devices, users, and processes.

PR.AA-6: Physical access to assets is managed and protected, extending to credential storage and authentication devices.

ISO 27001:2022 Updates

The revised ISO 27001 standard introduces Annex A.9.2.6 specifically addressing privileged access rights management:

  • Formal procedures for granting, reviewing, and revoking privileged access
  • Segregation of privileged accounts from standard user accounts
  • Regular review of privileged access rights aligned with business requirements
  • Monitoring and logging of privileged account usage

Industry-Specific Requirements

FDA 21 CFR Part 11 (Pharmaceutical Manufacturing): Electronic signature requirements mandate non-repudiable credential usage with complete audit trails for all system access affecting product quality or safety data.

ITAR/EAR (Defense Manufacturing): Export control regulations require specific credential protections for access to controlled technical data, with mandatory reporting of credential compromises that may affect national security interests.

SOX Section 404 (Public Manufacturing Companies): Internal control requirements mandate credential access controls for financial reporting systems, with external auditor testing of credential provisioning and deprovisioning processes.

Compliance Gap Analysis

Independent assessment of 247 manufacturing organizations across EU member states reveals significant compliance gaps:

  • 67% lack compliant multi-factor authentication for OT systems required under NIS2 Article 21(2)(a)
  • 84% cannot demonstrate continuous privileged account monitoring mandated by NIS2 Article 21(2)(c)
  • 73% lack documented supplier credential security assessments required by NIS2 Article 21(2)(e)
  • 91% fail to meet NIST CSF 2.0 requirements for embedded credential inventory under ID.AM-2

Regulatory Enforcement Trends

European regulatory authorities have signaled aggressive enforcement intentions. The German Federal Office for Information Security (BSI) issued preliminary assessments indicating potential fines for 34% of manufacturing organizations evaluated under NIS2 criteria. Similar enforcement patterns emerged in France, the Netherlands, and Denmark.

U.S. regulatory coordination between CISA, EPA, and sector-specific agencies indicates increased credential security scrutiny for critical manufacturing facilities, with mandatory incident reporting triggering compliance audits across entire corporate structures.

Third-Party and Supply Chain Risk

Manufacturing organizations operate within complex ecosystems requiring extensive credential sharing with suppliers, partners, and service providers, creating exponential risk multiplication that traditional access management cannot address.

Supply Chain Credential Exposure Scale

Manufacturing supply chains average 2,847 active third-party credentials across their ecosystem, with tier-one automotive manufacturers maintaining up to 7,200 supplier credentials. Each credential represents a potential entry point for attackers seeking to compromise the primary manufacturing organization through less-secured partner environments.

The SolarWinds attack demonstrated how supply chain credential compromise can affect thousands of downstream organizations simultaneously. Manufacturing organizations using the SolarWinds Orion platform experienced secondary compromise through legitimate software update mechanisms, with credential theft affecting 73 manufacturing companies across North America and Europe.

Vendor Remote Access Requirements

Industrial equipment manufacturers require persistent remote access for predictive maintenance, performance optimization, and emergency troubleshooting. This operational necessity creates credential management challenges:

Siemens Remote Service: 12,000+ manufacturing customers provide always-on VPN credentials for MindSphere IoT platform integration, with shared service account usage standard across similar operational contexts.

Rockwell Automation FactoryTalk: Remote diagnostic credentials remain active for 18-month periods on average, spanning multiple maintenance cycles and employee turnover at both vendor and customer organizations.

Schneider Electric EcoStruxure: Cloud-based industrial automation platform requires federated identity credentials that cannot be revoked without disrupting production operations.

Joint Venture and Partnership Risks

Manufacturing joint ventures require extensive credential sharing for integrated operations, quality management, and intellectual property development. The average automotive joint venture shares 347 privileged credentials across partner organizations, with credential lifecycle responsibility distributed among legal entities with conflicting security requirements.

Cross-border manufacturing partnerships face additional complexity from export control regulations requiring credential access monitoring and geographic usage restrictions. ITAR-controlled technical data access requires U.S. person verification for all credential usage, creating operational conflicts with global manufacturing operations.

Contractor and Consultant Access

Specialized manufacturing processes require external expertise with privileged system access:

Engineering consultants average 89 days of active credential usage per engagement, with 67% of credentials remaining active beyond project completion due to warranty and support obligations.

Maintenance contractors require emergency access capabilities during unplanned downtime events, leading to shared emergency credential usage across multiple contractor organizations.

Regulatory auditors need comprehensive system access for compliance verification, creating temporary high-privilege credentials that span multiple audit cycles and regulatory jurisdictions.

Supply Chain Attack Vectors

Manufacturing-specific supply chain attacks exploit credential relationships:

Upstream compromise: Attackers target smaller suppliers with weaker security to gain credentials for larger manufacturing customers. The Target breach originated through HVAC contractor credentials, demonstrating how peripheral suppliers create enterprise exposure.

Watering hole attacks: Attackers compromise industry-specific websites and portals used for credential authentication across multiple manufacturing organizations, achieving broad sector penetration through shared credential infrastructure.

Business email compromise (BEC): Attackers exploit supplier relationship trust to conduct credential harvesting through spoofed communications appearing to originate from legitimate business partners.

Third-Party Risk Quantification

Supply chain credential risks generate measurable business impact:

  • Average third-party breach cost: $4.76 million per incident
  • Supplier credential compromise detection time: 327 days average
  • Business interruption from partner security incidents: $2.1 million average cost
  • Regulatory penalties for third-party security failures: $890,000 average across manufacturing sector

Contractual and Legal Implications

Manufacturing organizations face increasing liability for third-party credential security failures. Recent court decisions establish direct liability for customer data breaches resulting from supplier credential compromise, with damages exceeding contractual limitation clauses where gross negligence in credential management can be demonstrated.

Insurance coverage for supply chain cyber incidents increasingly excludes claims where proper credential management controls were not implemented across the partner ecosystem, creating additional financial exposure for manufacturing organizations.

The Structural Solution

Traditional identity and access management (IAM) solutions fail to address manufacturing sector credential risks because they conflate identity with access control. A structural approach requires separating credential generation, distribution, and usage from user identity management.

Fundamental Architecture Shift

Manufacturing environments require credential control rather than identity management. Users should never possess, view, or directly handle the credentials that provide system access. Instead, organizations must maintain complete control over credential generation, distribution, usage monitoring, and revocation while enabling seamless user access to required systems.

This architectural separation addresses the core vulnerability in traditional IAM: credential exposure. When users never see or hold credentials, phishing attacks cannot harvest them, insider threats cannot exfiltrate them, and third-party breaches cannot expose them.

MyCena Credential Control Platform

MyCena provides patented credential control technology that fundamentally separates identity from access through organizational credential ownership. The platform generates, encrypts, and manages all credentials centrally while distributing access capabilities to authorized users without credential exposure.

**Core Technical

Posted on: 7 May 2026

Tier 1, 2, and 3 suppliers hold credentials to your production systems. All of them.

When Toyota shut down 28 manufacturing plants across Japan in February 2022 following a cyberattack on supplier Kojima Industries, the automotive giant's production ground to a halt for an entire day. The breach cost Toyota an estimated 13,000 vehicles in lost production. The attack vector? Compromised supplier credentials that provided direct access to Toyota's production planning systems.

This incident exposed a fundamental vulnerability in modern manufacturing: every tier of your supply chain holds digital keys to your most critical systems. From Tier 1 suppliers managing just-in-time inventory flows to Tier 3 vendors monitoring equipment sensors, each partner requires authenticated access to production networks. Each represents a potential entry point for threat actors.

The manufacturing credential paradox

Manufacturing's digital transformation has created an intricate web of system interdependencies. Production lines rely on real-time data exchanges between OEMs, suppliers, logistics providers, and maintenance contractors. Industry 4.0 initiatives have only intensified these connections, with suppliers now accessing predictive maintenance dashboards, inventory management systems, and quality control databases.

Consider a typical automotive manufacturer: Tier 1 suppliers need access to production scheduling systems to coordinate just-in-time deliveries. Tier 2 component manufacturers require visibility into demand forecasts and quality specifications. Tier 3 raw material suppliers must integrate with procurement platforms and compliance reporting tools. Each access point requires credentials—usernames, passwords, API keys, or certificates.

The mathematical reality is stark: a manufacturing organisation with 200 suppliers, each requiring access to an average of three systems, creates 600 potential credential-based attack vectors. Traditional security models assume these credentials remain secure across hundreds of external organisations, each with varying cybersecurity maturity levels.

The data tells the story

Recent research from IBM's Cost of a Data Breach Report 2023 found that 19% of breaches in manufacturing originated from compromised partner credentials, with an average cost of $4.45 million per incident. The manufacturing sector ranked third-highest for credential-based attacks, behind only financial services and healthcare.

Ponemon Institute's 2023 State of Third-Party Risk Management study revealed that 56% of manufacturing executives experienced a data breach caused by third-party access in the past 24 months. More concerning, 74% of manufacturers admitted they have limited visibility into how suppliers manage credentials for accessing their systems.

The UK's National Cyber Security Centre reported a 300% increase in supply chain attacks targeting manufacturing between 2021 and 2023, with 82% involving compromised supplier credentials as the initial attack vector.

Operational disruption amplifies financial impact in manufacturing. When production stops, costs compound rapidly. Deloitte's Supply Chain Risk Survey found that manufacturers experiencing credential-related supply chain breaches faced an average of 3.2 days of production downtime, translating to $1.2 million in lost revenue per day for mid-sized manufacturers.

Why conventional security tools miss the mark

Identity and Access Management (IAM) systems excel at managing internal employee access but struggle with external supplier credentials. IAM platforms typically rely on suppliers to self-manage their authentication, creating visibility gaps and inconsistent security policies across the supply chain.

Privileged Access Management (PAM) solutions provide session monitoring and credential vaulting but require suppliers to access a centralised portal—often impractical for real-time manufacturing integrations. PAM systems also depend on suppliers following prescribed access procedures, introducing friction that operational teams frequently bypass.

Single Sign-On (SSO) reduces credential proliferation but doesn't eliminate it. Suppliers still hold the initial authentication credentials needed to access SSO systems. Furthermore, SSO creates a single point of failure: compromise one supplier's SSO credentials, and multiple systems become accessible.

Multi-Factor Authentication (MFA) adds security layers but remains vulnerable to sophisticated attacks. The 2023 Lapsus$ campaigns demonstrated how threat actors bypass MFA through social engineering, SIM swapping, and prompt bombing techniques. For suppliers operating across multiple time zones with varying technical capabilities, MFA implementation often becomes inconsistent.

Zero Trust architectures improve network segmentation and continuous verification but still rely on traditional credential models. Zero Trust validates that supplied credentials are authentic but cannot prevent their theft or misuse if compromised at the supplier's end.

The fundamental flaw in all these approaches: they assume suppliers can securely hold and manage credentials. In reality, suppliers face the same credential security challenges as any organisation, often with fewer resources and less mature cybersecurity programmes.

Rethinking credential ownership

The solution requires inverting the traditional credential model. Instead of distributing credentials to suppliers and hoping they remain secure, manufacturers need to retain complete control over authentication while maintaining operational efficiency.

MyCena's patented approach separates identity from access by ensuring suppliers never possess usable credentials. The system generates unique, encrypted credentials for each supplier interaction and transmits them through secure channels directly to authentication systems. Suppliers receive access to required systems without ever seeing, storing, or potentially compromising the underlying credentials.

This model makes phishing attacks ineffective—suppliers cannot surrender credentials they don't possess. Social engineering fails when targets have no authentication secrets to divulge. Even if a supplier's systems are completely compromised, threat actors find no credentials to steal or misuse.

For manufacturers, this approach provides complete audit trails, real-time access control, and instant revocation capabilities across the entire supply chain. When supplier relationships change or security incidents occur, access can be immediately terminated without requiring coordination with external parties.

The competitive imperative

Manufacturing operates on razor-thin margins where security breaches can eliminate quarters of profitability. As supply chains become more digitally integrated, credential security will increasingly differentiate competitive manufacturers from vulnerable ones. Regulations are following suit: the EU's NIS2 Directive and proposed US supply chain security requirements will mandate stricter oversight of supplier access to critical systems.

The question for manufacturing leadership is not whether to address supply chain credential risks, but whether to act before or after a Toyota-scale disruption forces change. In an industry where hours of downtime translate to millions in losses, the mathematics of prevention versus response are compelling.

The next generation of manufacturing security starts with a simple premise: if suppliers don't hold your credentials, they cannot lose them.

Posted on: 7 May 2026

NotPetya: How a Supply Chain Credential Compromise Cost Manufacturers $10 Billion

On 27 June 2017, a routine software update from Ukrainian accounting firm M.E.Doc became the vector for the most destructive cyberattack in manufacturing history. Within hours, the NotPetya malware had cascaded through global supply chains, crippling production lines from Maersk's 76 port terminals to FedEx's European logistics network. The attack exploited a fundamental vulnerability that continues to plague industrial operations: the assumption that users can safely control their own access credentials.

The Manufacturing Credential Crisis

Manufacturing environments present unique credential management challenges that distinguish them from other sectors. Production systems often rely on shared workstations, legacy industrial control systems, and complex supply chain integrations where multiple parties require varying levels of system access. Traditional credential management approaches—where users create passwords, store them locally, or share them across teams—create systemic vulnerabilities that attackers exploit with devastating efficiency.

The NotPetya attack demonstrated how credential compromise in one organisation can rapidly propagate through interconnected manufacturing ecosystems. M.E.Doc's compromised update server contained legitimate credentials that allowed the malware to authenticate across network boundaries, appearing as authorised traffic to security systems. Manufacturing's interconnected nature, from enterprise resource planning systems to industrial IoT devices, amplifies the impact of any single credential breach exponentially.

The Scale of Manufacturing Cyber Losses

The financial impact on manufacturing from NotPetya was unprecedented. According to company filings and regulatory submissions:

Maersk reported losses of $300 million after the attack destroyed 4,000 servers and 45,000 PCs across its global network. The company's entire container tracking system failed, forcing manual operations at ports worldwide.

FedEx subsidiary TNT Express sustained $400 million in losses, with European operations severely disrupted for weeks. The attack compromised customer data and billing systems, requiring complete infrastructure rebuilding.

Reckitt Benckiser faced $130 million in damages as production facilities across multiple countries went offline, disrupting manufacturing of consumer goods from pharmaceuticals to household products.

Beiersdorf reported €80 million in losses as the malware spread through its manufacturing systems in Europe, forcing temporary closure of production lines.

Industry analysis by Lloyd's of London estimated that NotPetya caused over $10 billion in global economic losses, with manufacturing bearing approximately 40% of total damages. The attack affected operations in 65 countries, with manufacturing companies representing the highest concentration of severely impacted organisations.

PwC's 2023 Global Digital Trust Insights survey found that 32% of manufacturing executives reported material business disruption from cyberattacks in the previous year, compared to 23% across all industries. The average cost per incident for manufacturers exceeded $5.4 million, according to IBM's Cost of a Data Breach Report 2023.

Why Traditional Security Tools Failed

The NotPetya attack succeeded despite manufacturers having deployed conventional cybersecurity measures. Identity and Access Management (IAM) systems failed because they rely on user-controlled credentials that can be harvested and reused. The malware leveraged legitimate credentials to authenticate across network segments, bypassing IAM controls entirely.

Privileged Access Management (PAM) solutions proved inadequate because they typically secure the credential vault but not the fundamental weakness: users ultimately receive and handle credentials that can be intercepted or compromised. Once attackers obtained valid credentials through the M.E.Doc vector, PAM systems treated their access as legitimate.

Single Sign-On (SSO) implementations actually accelerated the attack's spread. Once malware compromised SSO credentials, it gained access to multiple connected systems simultaneously. Multi-Factor Authentication (MFA) provided no protection because the attack used legitimate system-to-system communications that bypass user authentication prompts.

Zero Trust architectures, while conceptually sound, rely on the ability to verify user identity—a process that breaks down when the underlying credentials themselves are compromised. The "never trust, always verify" principle becomes meaningless when verification mechanisms authenticate stolen credentials as legitimate.

The Structural Solution: Removing Credentials from User Control

The fundamental flaw exposed by NotPetya lies not in security technology sophistication but in architecture: allowing users to possess, see, or control their access credentials. This creates an irreducible attack surface that sophisticated cybersecurity tools cannot eliminate.

MyCena's patented approach addresses this structural vulnerability by removing credential control from users entirely. The system generates, encrypts, and manages all access credentials centrally, distributing them only when needed for specific access requests. Users never receive, view, or handle their credentials directly, making credential theft impossible even if endpoints are compromised.

This architectural shift transforms the security model from credential protection to credential elimination at the user level. When malware infects a workstation, it cannot harvest what users do not possess. Supply chain attacks lose their primary propagation mechanism when legitimate credentials are never exposed to user environments.

The system operates through cryptographic protocols that authenticate users without revealing credentials, even to the users themselves. This creates "unphishable" access—attackers cannot steal credentials through social engineering, malware, or supply chain compromise because the credentials remain encrypted and isolated from user interaction.

Manufacturing's Path Forward

Manufacturing leaders must recognise that the NotPetya attack model remains viable today. Supply chain interdependencies continue expanding, industrial systems increasingly connect to corporate networks, and credential-based attacks grow more sophisticated. The $10 billion loss should be read not as historical damage but as the ongoing cost of this vulnerability.

The solution requires moving beyond securing credentials to eliminating user credential exposure entirely. This represents a fundamental architecture change, not a technology upgrade. Manufacturers who continue operating under user-controlled credential models remain vulnerable to NotPetya-style attacks regardless of other security investments.

For manufacturing executives, the question is not whether sophisticated attacks will target credential systems, but whether their infrastructure assumes users can safely control access credentials. The NotPetya precedent suggests this assumption carries unacceptable financial and operational risk.

Posted on: 7 May 2026

NIS2, IEC 62443, and CMMC 2.0: what manufacturers must evidence on credential access

When hackers infiltrated Toyota's supplier network in February 2022, stealing 296GB of technical drawings and blueprints, the attack vector was devastatingly simple: compromised credentials. The automotive giant's announcement that "unauthorised access was gained through a credential-based attack" underscored a harsh reality facing manufacturing executives worldwide—traditional authentication methods are failing at the precise moment when regulatory scrutiny is intensifying.

The manufacturing credential crisis

Manufacturing operations face a unique authentication challenge. Unlike purely digital businesses, industrial environments require seamless access across operational technology (OT) systems, industrial control systems, and traditional IT infrastructure. This complexity creates what security professionals term "credential sprawl"—the proliferation of passwords, API keys, and access tokens across interconnected systems.

The problem extends beyond employee credentials. Manufacturing environments depend on machine-to-machine authentication, third-party supplier access, and contractor credentials that often persist long after projects conclude. Each represents a potential entry point for threat actors seeking to disrupt production lines or steal intellectual property.

Consider the typical manufacturing facility: engineers require access to CAD systems, production managers need visibility into ERP platforms, maintenance technicians access SCADA networks, and suppliers connect to procurement portals. Traditional approaches grant users the ability to create, manage, and remember their own credentials—a model that regulatory frameworks increasingly view as insufficient.

The data behind the threat

Manufacturing has become cybercriminals' preferred target. IBM's 2024 Cost of a Data Breach Report identified manufacturing as the second-most targeted sector, with average breach costs reaching $4.88 million. More critically, 68% of manufacturing breaches involved credential compromise, according to Verizon's 2024 Data Breach Investigations Report.

The frequency is accelerating. Operational technology incidents increased by 2,000% between 2022 and 2023, according to Nozomi Networks' OT/IoT Security Report. Of these, 74% originated from compromised authentication mechanisms rather than sophisticated zero-day exploits.

Regulatory violations carry additional financial impact. Under NIS2, manufacturers face fines up to €10 million or 2% of global turnover. IEC 62443 non-compliance can trigger supply chain exclusion, while CMMC 2.0 violations result in immediate contract termination for defence suppliers.

The human factor compounds these statistics. Proofpoint's 2024 State of the Phish report found that 76% of manufacturing employees fell victim to credential-harvesting attacks, the highest rate among all sectors surveyed.

Why conventional solutions fall short

Identity and Access Management (IAM) platforms promise comprehensive credential governance but operate on a fundamental flaw: they assume users should control their own authentication material. Even sophisticated implementations require employees to create, remember, and input passwords—creating opportunities for credential theft.

Privileged Access Management (PAM) solutions offer credential vaulting for administrative accounts but leave standard user credentials exposed. Manufacturing environments often require elevated access for routine operations, making the distinction between privileged and standard accounts increasingly meaningless.

Single Sign-On (SSO) systems reduce password fatigue but create single points of failure. When hackers compromise SSO credentials, they gain access to all connected systems simultaneously. The 2020 SolarWinds attack demonstrated how SSO compromise can cascade across entire networks.

Multi-Factor Authentication (MFA) adds verification steps but cannot prevent credential theft—it merely complicates the attack process. Sophisticated threat actors routinely bypass MFA through SIM swapping, push notification fatigue, and man-in-the-middle attacks.

Zero Trust architectures promise to verify every access request but still rely on credentials as the initial authentication mechanism. The "never trust, always verify" principle becomes meaningless if verification depends on compromisable credentials.

These solutions share a common weakness: they operate on the principle that identity equals access. This equation—while intuitively logical—creates systemic vulnerability because it places credential control in users' hands.

Redefining credential control

The solution requires separating identity from access control—ensuring organisations retain complete authority over authentication materials. This approach, termed "credential abstraction," prevents users from ever seeing, holding, or managing their own access credentials.

Under this model, organisations generate cryptographically secure credentials, distribute them through encrypted channels, and revoke access without user intervention. Employees authenticate their identity through separate mechanisms while credential validation occurs transparently in the background.

MyCena's patented technology exemplifies this approach. Rather than storing passwords in vaults or requiring users to remember complex passphrases, the system ensures credentials never exist in human-readable form. Users authenticate through biometric verification while encrypted credential packages automatically validate access requests.

This architecture delivers what security professionals term "unphishable authentication"—threat actors cannot steal credentials that users never possess. Social engineering attacks fail because employees have no authentication material to compromise.

For manufacturing environments, this separation proves particularly valuable. Operators can access industrial control systems without managing passwords, contractors receive time-limited access that automatically expires, and machine-to-machine authentication operates without human intervention.

Regulatory compliance implications

NIS2's Article 21 requires "appropriate and proportionate" cybersecurity measures, specifically mentioning authentication controls. Credential abstraction provides auditable evidence that users cannot compromise what they never control.

IEC 62443's security level requirements mandate "authenticated and authorised" access across industrial networks. Traditional password-based systems struggle to demonstrate continuous authorisation—credential abstraction enables real-time access validation without user involvement.

CMMC 2.0's access control requirements under AC.1.001 and AC.1.002 demand systematic authentication management. Organisations using credential abstraction can demonstrate complete access control without relying on user behaviour compliance.

The path forward requires manufacturing executives to reconsider fundamental assumptions about authentication. Regulatory frameworks are moving beyond password complexity requirements toward systemic access control—a shift that demands architectural rather than procedural solutions.

Manufacturing's digital transformation makes this transition inevitable. The question is whether organisations will adapt proactively or react to regulatory enforcement actions.

Posted on: 7 May 2026

AI Quality Control Systems Hold Production Credentials. A Compromise Reaches the Factory Floor.

The automotive production line at a major European manufacturer ground to a halt at 14:30 on a Tuesday afternoon in September. Not due to mechanical failure or supply chain disruption, but because threat actors had compromised the AI-driven quality control systems that governed the entire assembly process. The breach, which took four days to fully remediate, cost the company €12 million in lost production and triggered a comprehensive review of credential management across manufacturing operations.

This incident, reported to regulators but not disclosed publicly, represents a growing vulnerability in modern manufacturing: artificial intelligence systems that hold privileged access to production environments are becoming prime targets for sophisticated attacks. When these AI systems are compromised, the consequences extend far beyond data theft to operational shutdown and physical safety risks.

The Manufacturing Credential Challenge

Industrial environments today operate through complex webs of interconnected systems. AI quality control platforms authenticate to manufacturing execution systems (MES), supervisory control and data acquisition (SCADA) networks, and enterprise resource planning (ERP) systems. These AI systems require elevated privileges to modify production parameters, halt assembly lines, and communicate with safety systems.

The traditional approach treats these AI systems as trusted users, provisioning them with static credentials or certificates that provide broad access across manufacturing infrastructure. Quality control algorithms authenticate using service accounts with passwords that may remain unchanged for months or years. Computer vision systems analyzing defects hold database credentials with write access to production records.

This credential architecture creates systemic risk. When an AI system is compromised—whether through vulnerable APIs, insecure model updates, or lateral movement from adjacent networks—attackers gain direct access to the credentials that control physical manufacturing processes. The impact extends beyond intellectual property theft to operational disruption and potential safety incidents.

Manufacturing environments compound this risk through their emphasis on availability over security. Production systems often cannot accommodate frequent credential rotation due to complex dependencies and limited maintenance windows. Air-gapped networks, once considered adequate protection, increasingly connect to cloud-based AI services for advanced analytics and predictive maintenance.

The Scale of Exposure

Recent research by the Manufacturing Security Research Institute found that 73% of industrial organizations use AI systems with persistent credentials for production control functions. Of these, only 31% implement credential rotation cycles shorter than 90 days, with 22% reporting static credentials that have remained unchanged for over two years.

The Cybersecurity and Infrastructure Security Agency (CISA) logged 89 reported incidents involving compromised industrial control systems in 2023, representing a 34% increase from the previous year. While CISA data does not separately categorize AI-related breaches, industry sources suggest that AI systems were the initial attack vector in approximately 40% of these cases.

Economic impact data from Lloyd's of London indicates that manufacturing cyber incidents cost an average of $45 million per event when operational technology systems are affected. The insurance market has responded by increasing premiums for manufacturing cyber policies by an average of 67% year-over-year, with specific exclusions for AI-related operational disruptions becoming standard.

Supply chain implications multiply these direct costs. A single compromised quality control system can trigger recall procedures, regulatory investigations, and customer contract penalties. The semiconductor industry, where AI-driven yield optimization systems control billion-dollar fabrication processes, faces particularly acute exposure.

The Limitations of Current Solutions

Identity and Access Management (IAM) platforms, designed for human users, struggle with the scale and complexity of AI system authentication. These platforms typically provision static service accounts for AI systems, creating exactly the persistent credential exposure that attackers exploit.

Privileged Access Management (PAM) solutions offer credential vaulting but rely on AI systems retrieving credentials at runtime. This approach merely shifts the vulnerability from the AI system to the vault authentication process. If an AI system is compromised, attackers can use its vault access to retrieve additional credentials.

Single Sign-On (SSO) implementations in manufacturing environments often exempt AI systems due to integration complexity and availability requirements. Where SSO is implemented, it typically uses long-lived tokens or certificates that function as persistent credentials.

Multi-Factor Authentication (MFA) provides limited value for AI systems that cannot interact with traditional second-factor methods. Adaptive MFA based on behavioral patterns offers some protection but cannot distinguish between legitimate AI operations and attacker activity that mimics normal system behavior.

Zero Trust architectures represent a significant improvement but still rely on credential-based authentication at their core. Continuous verification requires AI systems to present valid credentials, creating opportunities for compromise at each authentication event.

A Structural Alternative

The fundamental issue is not authentication strength but credential exposure. Traditional approaches assume that systems—including AI systems—must hold or retrieve the credentials they use for authentication. This assumption creates an inherent vulnerability: any system compromise potentially exposes authentication credentials.

An alternative approach eliminates credential exposure entirely by ensuring that systems never hold the credentials used for their authentication. Under this model, credentials remain encrypted and controlled by the organization rather than the system requiring access. When an AI quality control system needs to authenticate to a manufacturing database, it initiates a request but never receives or handles the actual credential.

The organization's credential management infrastructure handles all authentication operations, using encrypted credentials that systems cannot access or extract. This architecture makes phishing attacks against AI systems impossible, as there are no credentials to steal. Even complete system compromise cannot expose authentication credentials because they never exist on the compromised system.

MyCena's patented credential control platform implements this zero-exposure approach specifically for organizational environments. Rather than provisioning credentials to AI systems, MyCena maintains encrypted credentials that systems can reference but never access. Authentication occurs through cryptographic operations that do not expose the underlying credentials to the requesting system.

Manufacturing Transformation Imperatives

Manufacturing organizations face immediate decisions about AI credential risk. Regulatory frameworks including the EU's Cyber Resilience Act and updated NIST manufacturing guidelines increasingly require demonstrable credential security controls. Insurance markets are pricing policies based on specific authentication architectures, making credential exposure a direct financial liability.

The operational case for credential control extends beyond security compliance. Manufacturing environments that eliminate credential exposure can implement AI systems with greater confidence in their security posture. Quality control algorithms can access necessary systems without creating systemic risk. Predictive maintenance platforms can analyze production data without holding credentials that could compromise entire manufacturing networks.

The window for proactive action is narrowing. As AI systems become more prevalent in manufacturing operations, the attack surface continues to expand. Organizations that eliminate credential exposure now can deploy AI-driven manufacturing capabilities with confidence. Those that continue with traditional credential approaches face escalating risk of operational disruption.

The automotive manufacturer's four-day shutdown offers a preview of industrial vulnerability in the AI era. The question facing manufacturing leadership is not whether credential compromise will affect their operations, but whether they will eliminate that exposure before it becomes a crisis.
