Cybersecurity as a foundation for Europe’s industrial future
23 May 2025
Share
Cybercrime has grown rapidly in scale and impact in recent years. Global damages are expected to reach USD 10.29 trillion by 2025, up from USD 2.95 trillion in 2020 (Statista). This makes cybersecurity a critical topic for Europe. Drawn from discussions at InnoHive 2025, this article highlights challenges and solutions needed to secure businesses in a hyperconnected world.
For Europe’s manufacturing industry, emerging technologies such as AI, digital twins and optimised, data-driven processes promise a new era of productivity. Yet at the heart of this transformation lies a critical step: cybersecurity. As factories are becoming more digital and interconnected, they also become more exposed – and without well-equipped talent to implement the right means to protect themselves, the vision of a globally competitive European industry risks collapse.
InnoHive 2025 speakers (for left to right): Patricia Hartmann, Bartosz Nieróbca, Michael Gerhard Schneider, Claudia Müller, Florian Gasteiger, Danny Berko and Mirco Kloss. Photo credit (c) Xavier Lejeune
Vulnerability in a connected world
The integration of Operational Technology (OT) and Information Technology (IT) in manufacturing has expanded the cyber-attack surface dramatically. As Danny Berko, Co-Founder of Qsee, warned, “When everything is digital, everything can be stopped.” This stark reality reframes cyberattacks not as a distant threat, but as an imminent, existential risk to factory operations, supply chains and economic stability.
The human element compounds these vulnerabilities. Modern attackers often exploit people instead of systems. As Andrea Guerini, Cybersecurity Consultant at Cefriel, put it, “Technology alone cannot solve the cybersecurity problem. Human vigilance, predictive knowledge and informed decision-making are crucial.” Yet traditional industrial environments often treat cybersecurity as an add-on, not a core requirement.
Technology alone cannot solve the cybersecurity problem. Human vigilance, predictive knowledge and informed decision-making are crucial.
Andrea Guerini, Cybersecurity Consultant at Cefriel
Claudia Romero, Andrea Guerini and Claudia Müller at InnoHive 2025. Photo credit (c) Xavier Lejeune
For Europe’s manufacturing industry, the risk is increased by several structural factors:
- A cultural gap between IT and OT, where established IT security practices fail to translate effectively to the shop floor.
- Sectoral differences in cybersecurity maturity, with industries like oil and gas being far more advanced than small and medium-sized enterprises (SMEs) in manufacturing.
- Overreliance on legacy systems, with many factories still depending on old, unsecured technology.
- A compliance-driven mindset, where companies aim to “tick the box” rather than proactively build cyber resilience.
- The looming threat of quantum computing, poised to render current encryption methods obsolete.
European manufacturers must, therefore, tackle not just technical shortcomings, but entrenched organisational, cultural and strategic weaknesses as well.
Embedding cybersecurity at every level
Discussions during InnoHive 2025 made it clear that solutions must be multilayered and systemic to address these structural shortcomings.
A recurring theme was people’s safety, with a strong call to put people at the centre of cybersecurity efforts. As Claudia Müller, Senior Communication Manager at EIT Manufacturing, emphasised, “People are as vital as technology in building resilience.” Building a cybersecurity-aware culture across all levels – from senior management to factory floor workers – is critical.
As a solution, the CYRUS project provides free cybersecurity training courses. They are designed for non-technical staff, engineers and operators, ranging from introductory courses to advanced topics like threat analysis.
Asset visibility and simple strategic planning were also addressed. When considering cybersecurity matters, asset inventory is highly important. Knowing every device, system and connection enables companies to develop focused, risk-based security strategies instead of ad-hoc fixes.
Simplifying digital ecosystems by limiting cloud dependencies and streamlining network architectures was also advocated. Mirco Kloss, Business Development Director DACH at TXOne Networks, stated “cybersecurity should be as foundational and mandatory as providing physical safety gear in a factory” – and he wore a hard hat and safety gear on the panel to drive home this point.
Governance and standards are other critical elements of any strategic cybersecurity policy for the manufacturing industry – and they are missing in action, particularly for SMEs. Florian Gasteiger, OT Security Leader DACH at IBM, highlighted that universal, sector-specific cybersecurity standards are urgently needed. “Governance structures that ensure cybersecurity policies are enforced not just in theory but in daily practice are essential – especially for SMEs, where resource constraints are most acute,” he said.
Like the machines and processes it protects, cybersecurity must be proactive and adaptive – compliance alone is not enough. Companies must shift towards dynamic, continuous cybersecurity, viewing it not as a project with an end date but as a living, evolving process. Technology must support human oversight, not replace it. In a rapidly evolving threat landscape, it seems, human judgment remains indispensable.
Effective protection demands that manufacturers combine automation, monitoring and strategic vigilance, continuously evolving to match the sophistication of attackers. Preparing today for emerging threats – particularly the disruptive power of quantum computing – is vital for long-term resilience. Berko warned, “Today’s protections won’t survive tomorrow’s quantum threats,” underlining the urgent need for manufacturers to future-proof their digital defences.
Cybersecurity should be as foundational and mandatory as providing physical safety gear in a factory.
Mirco Kloss, Business Development Director DACH at TXOne Networks
Competing powers and economic stakes
Europe’s manufacturing is also affected by external factors such as geopolitics, economic instability and supply chain vulnerabilities – all of which also impacts cybersecurity.
Emerging economies are stepping in, often bypassing the legacy issues by adopting advanced security solutions. European manufacturers must recognise that cybersecurity is not just about protecting current operations – it is a determinant of future competitiveness. As Patricia Hartmann, Senior Key Account Manager at EIT Manufacturing, summarised, “Security is no longer just an IT issue. It is an industrial strategy issue.”
Securing the future
If Europe’s manufacturing sector is to thrive in an era dominated by AI, digitisation and hyperconnected production, cybersecurity must be a foundational pillar – not an afterthought. Protecting companies from cyber threats means protecting jobs, innovation and Europe’s broader economic sovereignty.
Manufacturers who embed cybersecurity today will be the industrial leaders of tomorrow. They should consider not only their IT and OT, but also give all employees the means to identify and mitigate cyber threats effectively by training them accordingly.
Outcomes and key action points
- Start now: Delay only increases risks.
- Focus on the human firewall: Build cybersecurity awareness and training into every employee’s role.
- Map assets and risks: Know what needs protecting and why.
- Tailor solutions to OT realities: Recognise that IT and OT environments are fundamentally different.
- Simplify systems and reduce dependencies: Complexity breeds vulnerability.
- Plan for technological disruption: Anticipate threats, including quantum threats and design adaptable defences.
- Champion a positive, failure-friendly culture: Allow mistakes to be learning opportunities, not career-enders.