Topics:
As 2025 comes to a close, some of our Nexus contributors and experts have provided us with a look back on the year in cybersecurity, and their predictions for the next year within their industries and specialty areas. Today, Jim LaBonty, former global head of automation engineering at Pfizer, reflects on cyberattacks against manufacturing enterprises, and predicts better outcomes against ransomware in the sector.
Cyberattacks on manufacturing stayed elevated in 2025 and likely will grow more sophisticated in 2026, with attackers shifting tactics toward data theft, extortion, and artificial intelligence-driven operations.
While defenders in manufacturing and critical infrastructure are getting better at blocking encryption-style ransomware, adversaries are adapting very quickly. The sector’s heavy reliance on operational technology and industrial control systems, tight supply chains, and very costly downtime keeps it a prime target.
Manufacturing Remains a Top Target: Threat groups continue to prioritize manufacturing due to high downtime leverage, supply-chain impact, and often exploiting aging OT/ICS environments.
Surge in Data-Theft & Extortion-Only Attacks: Attackers increasingly are stealing intellectual property, proprietary designs, and operational data first—then extortion. Encryption is becoming optional.
AI-Enabled Attacks Accelerate: Adversaries are automating reconnaissance, crafting highly personalized phishing, and exploiting AI/automation systems inside factories. Attack velocity increases sharply if not exponentially in 2026.
Ransomware Encryption Less Successful: Better detection and segmentation will stop more encryption attempts, but attackers will pivot to stealthy access, exfiltration, and long-cycle extortion.
Manufacturing cyber risk in 2026 isn’t just about ransomware — it’s about faster intrusions, deeper data compromise, and more strategic extortion. Organizations that invest in OT security, data protection, AI-aware defenses, and real incident preparedness will have a decisive operational advantage over those still with their heads in the sand.
Jim LaBonty is the retired Director and Head of Global Automation Engineering for Pfizer's Global Engineering & Technology division. In this role he primarily focused on establishing the strategic direction and harmonizing control system solutions across 42 manufacturing sites globally, including securing the development of Pfizer's COVID-19 vaccine. Previously, LaBonty held senior engineering and system architect roles at Rockwell Automation, Eli Lilly & Company, and Eastman Kodak Company. He now leverages his decades of experience to help firms with their corporate OT cyber strategy and global program execution, with the goal of protecting manufacturing.
