Auguest, 2025
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.
Traditional security models treated networks like moated castles—anyone or anything inside the perimeter was assumed safe. But as manufacturing environments have evolved, that assumption has become a liability.
To stay resilient, manufacturers are adopting zero trust: a security model that verifies every user, device and interaction—continuously.
In modern factories, IoT sensors monitor everything from pressure to temperature. AI decides when to trigger shutoffs. And cloud platforms manage global workflows. Every connection is a potential entry point, and attackers know it.
This approach isn’t theoretical. DXC is applying zero trust principles across its own enterprise, and for clients everywhere, improving security posture and business resilience.
Manufacturing is now the most targeted industry for ransomware, accounting for up to 29% of reported attacks according to CheckPoint Research.
And this isn’t just about data loss. When OT systems are compromised, the impact is often physical and immediate. Think shutdowns, broken supply chains or even nationwide disruption.
With manufacturing systems underpinning everything from food and pharmaceuticals to energy and defense, the stakes couldn’t be higher. In an environment where uptime and safety are paramount, the only safe assumption is that everything—human or machine—can be compromised.
That’s where a zero trust approach comes in.
The importance—and fragility—of manufacturing
In April 2025 power outages across Spain and Portugal brought trains, hospitals and factories to a standstill. Though evidence does not indicate it was caused by a cyberattack, the incident underscored the real-world disruption a single point of failure can cause.
Zero trust starts with a simple principle: never trust, always verify. Every access request—whether from a person, machine or application—is assessed in real time against a set of dynamic criteria: Who? What? When? Where? Why? Which?
This is more than identity verification. It’s about understanding behavior, device health and context before granting any level of access.
In manufacturing, that goes beyond verifying people. Machines need identity too. Every system must enforce least-privilege access, allowing users and devices to do only what they’re authorized to do. And every action must be logged automatically, so teams can track who did what, when and why to support compliance and incident response.
Despite rapid digital transformation involving cloud platforms, autonomous robotics, AI and IoT, many manufacturers still rely on outdated security models like flat networks, legacy PLCs and minimal access controls. These systems were designed for reliability, not resilience. Add the explosion of remote access tools and third-party integrations, and the attack surface has grown significantly.
Zero trust offers a practical blueprint for manufacturers. Here’s our advice for implementing a zero trust approach:
Without this kind of robust approach in place, it can be challenging for organizations in manufacturing and other industries to have a clear picture of who has access to critical assets and data, and how they are using it.
As a result, companies can unnecessarily expose themselves to costly data breaches and other security incidents.
Manufacturing isn’t the only industry grappling with the risks of converging physical and digital systems. Finance, healthcare and utilities—anywhere physical infrastructure meets digital control—face similar challenges.
Whether it’s hospital ventilators, power grids or payment terminals, the principle remains: when physical operations are controlled digitally, the potential impact of a breach becomes far more serious.
That’s why zero trust is gaining traction far beyond the factory floor. At DXC, we’re seeing cross-sector customers recognize that zero trust needs to be an enterprise-wide initiative.
With its deep experience in zero trust architecture and identity and access management, the DXC team is helping organizations embed zero trust into every layer of the enterprise—security, IT, operations and culture.
