Cyber Security and Applications 3 (2025) 100067

Contents lists available at ScienceDirect

Cyber Security and Applications

journal homepage: http://www.keaipublishing.com/en/journals/cyber-security-and-applications/

Securing industry 4.0: Assessing cybersecurity challenges and proposing

strategies for manufacturing management
Adel Alqudhaibi a, Majed Albarrak b, Sandeep Jagtap a,c,∗, Nikki Williams a,
Konstantinos Salonitis a
a
Sustainable Manufacturing Systems Centre, Cranfield University, Cranfield MK43 0AL, United Kingdom
b
University of Warwick, Coventry CV4 7AL, United Kingdom
c
Division of Engineering Logistics, Faculty of Engineering, Lund University, Lund 22643, Sweden

a r t i c l e i n f o a b s t r a c t

Keywords: Industry 4.0 represents the foundation of the fourth industrial revolution, characterised by the integration of
Cybersecurity innovative technology into the manufacturing process. This integration enhances automation, diagnostics, data
Manufacturing systems analysis, and autonomous decision-making through the networking of equipment and machinery. However, the
Industry 4.0
increased reliance on technology raises concerns about the implementation and maintenance of cybersecurity.
Cybersecurity challenges
This paper aims to address cybersecurity challenges in the manufacturing industry and suggest strategies to re-
Cybersecurity awareness
Cybersecurity framework duce risks. In particular, it examines the level of awareness and understanding of cybersecurity issues among
manufacturing employees, establishes accountability for cyberattacks, and evaluates the effectiveness of existing
industry practices. The current cybersecurity landscape in the manufacturing industry was thoroughly analysed.
Data were gathered through surveys, interviews, and case studies to measure awareness, identify knowledge gaps,
and assess existing practices. The research findings indicate a significant knowledge gap regarding cybersecurity
among manufacturing employees. This vulnerability can be attributed to the lack of funding and training, espe-
cially compared to the resources provided to information technology departments and corporate employees. The
study emphasises the importance of redirecting cybersecurity resources and protocols towards the manufacturing
industry. This paper puts forward a series of recommendations to mitigate risks and safeguard the manufacturing
industry.

1. Introduction the rise in connectivity, there has been an alarming increase in the num-
ber and severity of cyberattacks. In fact, over a third of reported cy-
Contemporary manufacturing companies utilise a range of hardware berattacks in 2016 were targeted at connected manufacturing assets,
and software to ensure the confidentiality, availability, and integrity of as depicted in Fig. 2. According to information provided by NTT (May
data, which are essential factors for long-term success and profitability. 2021), cyberattacks against the manufacturing industry have increased
In line with the Industry 4.0 revolution, many companies are integrating by 300 % compared to 2019 [6].
their manufacturing systems and machinery to improve efficiency and A report by National Institute of Standards and Technology (NIST)
competitiveness. However, this integration poses significant implemen- [7] suggests that the increase in attacks indicates that security mea-
tation challenges, especially in emerging countries where prioritising sures for manufacturing industry systems are generally not as strong
investment in shop-floor digitalisation and understanding cybersecurity as those in corporate information technology (IT) environments. De-
requirements are crucial for successful adoption [1]. This integration is spite the growing cyber threats, there is a significant knowledge gap
driven by the projected use of over United States dollar (USD) 12 bil- among manufacturing employees when it comes to cybersecurity. This
lion internet-connected devices in manufacturing by 2022, as shown in gap is worsened by a disparity in cybersecurity funding and training
Fig. 1, representing a 50 % increase since 2018 [2,3]. Integrating ad- compared to IT departments. This paper aims to investigate whether lo-
vanced technologies such as virtual manufacturing is becoming increas- cal users of integrated, networked systems in the manufacturing sector
ingly critical in this context, enabling manufacturers to design, test, and are aware of cyber threats and whether their roles, experiences, and re-
optimise their processes in a virtual environment before actual produc- sponsibilities are suitable for effectively managing this threat. Addition-
tion, thus enhancing efficiency and reducing costs [5]. However, with ally, the study aims to bridge the existing knowledge gap by developing

Peer review under responsibility of KeAi Communications Co., Ltd.

∗
Corresponding author at: Division of Engineering Logistics, Faculty of Engineering, Lund University, Lund 22643, Sweden.
E-mail addresses: s.z.jagtap@cranfield.ac.uk, [email protected] (S. Jagtap).

https://doi.org/10.1016/j.csa.2024.100067
Received 24 May 2024; Received in revised form 9 July 2024; Accepted 27 July 2024
Available online 29 July 2024
2772-9184/© 2024 The Authors. Publishing Services by Elsevier B.V. on behalf of KeAi Communications Co., Ltd. This is an open access article under the CC BY
license (http://creativecommons.org/licenses/by/4.0/)
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

the widespread use of connected devices, there has been an abun-

dance of guidance, standards, regulations, and incident management
services provided by private and government cybersecurity agencies,
institutes, and consultants [9]. The National Cyber Security Centre has
published guidance to help board members understand cybersecurity
[10,11]. Recently, the number of identified cyberattacks has reached a
level where certain incidents make global news headlines, such as the
US fuel pipeline attack and the WannaCry and NotPetya ransomware
attacks [12]. However, these examples represent only a small portion of
the actual attacks. Numerous prominent companies, including Adobe,
eBay, and LinkedIn, have fallen victim to cyberattacks, resulting in data
breaches and subsequent data loss over the past decade [10].
These incidents have raised awareness about the threats of cyber-
Fig. 1. Global growth of machine-to-machine connections [4]. attacks. According to a survey conducted by Microsoft [11], 22 % of
companies considered cyber threats to be the most significant risk to
their business operations. Furthermore, it has been observed that cyber-
attacks have wide-ranging effects [13]. A study carried out by Oxford
University identified five themes that encompass the concept of cyber
harm: social, reputational, psychological, economic, and physical or dig-
ital harm [14]. The Microsoft survey and the Oxford University study
remind us of the clear consequences of cyberattacks on businesses, such
as operational disruptions, decreased stock prices, and regulatory fines.
However, equal attention should be given to the less obvious effects,
including loss of life, compromised consumer interactions, reduced or-
ganisational morale, and increased media scrutiny [15].
The increased awareness of cyberattacks has resulted in higher sales
of business cyber insurance [16]. According to a recent report, the cy-
ber insurance market is expected to grow at a compound annual growth
rate of 21 %, reaching a value of USD 20.4 billion by 2025 [17]. The
term ‘cyberattack’ refers to a deliberate attempt to undermine business
operations by using programmes like viruses to breach a company’s
servers [18]. On the other hand, ‘cybersecurity’ encompasses the mea-
Fig. 2. Cyberattacks by industry in 2022 [7]. sures taken to prevent or minimise the impact of such attacks [19]. A
report by Hiscox highlights a significant increase in business spending
and implementing engaging activities to educate all stakeholders. Fur- on cybersecurity, with the average business now allocating over 20 %
thermore, the study is systematically addressed through four distinct but of its IT budget to address this threat [20].
interrelated objectives: Firstly, it evaluates published research on cyber All current approaches offered by leading consultancy firms and in-
security in manufacturing environments to establish best practices. Sec- stitutions, with regard to effective cybersecurity, revolve around five
ondly, it assesses current cyber security knowledge, experiences, and key components: identification, protection, detection, response, and re-
accountability beliefs within various manufacturing functions of an es- covery [21]. By identifying these five principles, firms can minimise
tablished aerospace manufacturing company, using a detailed survey. their vulnerability to cyberattacks by outlining procedures for identify-
Thirdly, it analyses the data collected from this survey to determine a ing, protecting against, detecting, responding to, and recovering from
current representative baseline for cyber security awareness and to com- such attacks. Effective cybersecurity follows a similar structure to con-
pare this with existing literature to identify gaps and opportunities for ventional risk management strategies: it is most effective when regularly
improvement. Finally, it proposes a future strategy aimed at either im- reviewed and monitored, when staff possess a strong awareness and un-
proving or maintaining a robust understanding of cyber security within derstanding of the security measures, when protocols are vigorously ap-
manufacturing functions. These objectives collectively drive the com- plied, and when resources and funds are efficiently utilised to mitigate,
prehensive analysis and strategic recommendations our paper presents. monitor, and manage the impacts of any cyberattack.
As manufacturing organisations increasingly connect their equipment The analysis conducted in the study by Galinec et al. [22] highlights
and assets to improve data accessibility, there is often a delay in ad- the importance of addressing issues that arise from inadequate employee
equately training staff who may be unaware of their roles, responsi- education or awareness. Even a single employee who is unaware or un-
bilities, and obligations in creating and maintaining a cyber-secure en- educated can unintentionally undermine even the most comprehensive
vironment. This paper investigates the effectiveness of current indus- cybersecurity strategy. The European Union Agency for Cybersecurity
try practices in addressing cybersecurity implementation. The following [23] advocates for involving proactive employees in achieving effective
sections of this paper explore the literature review, research methodol- cybersecurity, going beyond mere compliance with rules and policies, as
ogy, findings, and recommendations, offering a thorough understanding these regulations may need to catch up with current cyber threats. This
of the awareness and preparedness of manufacturing employees in ad- dual approach is further supported by the National Initiative for Cyber-
dressing cybersecurity threats. security Education framework, which recognises the need to establish
a continuum of cybersecurity, its relationship with the IT department,
2. Literature review and its crucial relationship with all work roles across the organisation
[24].
2.1. Cybersecurity and its associated risks
2.2. Manufacturing sector systems
Cybersecurity refers to the measures individuals and institutions take
to mitigate cyberattack threats, protect hardware and services from The term ‘manufacturing sector systems’ covers a well-established
theft or damage, and prevent unauthorised access to data [8]. With and extensively researched topic that includes two distinct areas: IT

2
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

and operation technology (OT), which are often referred to by the same force competencies, ‘inexperienced end-users and dissatisfied workers’
name [25]. According to the dictionary of production engineering, man- and ‘user lack of knowledge about new cybercrime tactics’ are two ma-
ufacturing sector systems include the people, equipment, procedures, jor contributing factors to significant cybersecurity breaches. An inves-
and organisations aimed at achieving a company’s manufacturing ob- tigation into the cyberattacks on the control systems of the Ukrainian
jectives [26]. While this definition gives a broad description of the nec- power grid in 2015/2016 revealed that the attack patterns used by the
essary systems for efficient business operations, this research focuses on cybercriminals were similar to those documented in previous incidents
the specific technology used in production spaces to monitor and en- against enterprise IT systems [32]. The attack employed spear-phishing
hance the production process. techniques that targeted employees and system administrators [44],
Existing research primarily focuses on IT, which involves managing highlighting the importance of having an informed and well-educated
digital information and has historically been associated with office envi- workforce to mitigate such attacks.
ronments [27]. On the other hand, OT is commonly linked to the factory A business that emphasises security, by involving employees and im-
floor and oversees the control of physical processes and the technology plementing clear procedures, creates an environment that tackles nu-
utilised to carry out those processes [28]. However, some argue that merous underlying issues that contribute to data breaches [45]. Ad-
the line between IT and OT has become blurred in recent times, making ditionally, this helps develop a workforce that instinctively safeguards
these terms less helpful [29]. Modern manufacturing companies now in- company information, thus ensuring strong cybersecurity [46,47]. It is
corporate many digital elements into their operations, so this research acknowledged that a person’s behaviour is influenced by their knowl-
needs to take into account all manufacturing systems alongside estab- edge, skills, familiarity with cybersecurity, experiences, perspectives,
lished OT devices. mindsets, and beliefs [48]. Considering the demands of their roles, man-
ufacturing employees often require extra time to contemplate the impli-
2.3. Importance of cybersecurity in manufacturing cations of cybersecurity, which makes establishing a more conscientious
culture challenging [49].
A recent report conducted on behalf of Deloitte revealed that nearly Employees play a crucial role in implementing, utilising, and main-
one-third of manufacturers have not yet implemented a cyber risk as- taining an effective cybersecurity policy [50]. To establish effective or-
sessment specifically targeting their factory floor technology [30]. These ganisational cybersecurity, senior employees must follow a four-step
statistics, combined with the increased adoption of connected devices process: identifying the company’s critical assets, developing an un-
and systems in manufacturing, have made the industry highly suscepti- derstanding of relevant threats, designing procedures to prevent cyber-
ble to cybercrime. crime, and educating and engaging staff [51]. The final step is particu-
Traditional IT applications, which are used to handle data and manu- larly crucial, as it should not only provide information but also empha-
facturing complexities, are increasingly being incorporated into OT sys- sise practicality, ease of implementation, and viability. Likewise, man-
tems [31]. The growing practice of utilising IT platforms to host vital agement personnel responsible for finance and resource allocation, such
OT applications, like human-machine interfaces, presents a range of in- as machine operators, often require additional time to address cyberse-
tricate challenges and cybersecurity risks [32]. Originally, OT devices curity issues, which hampers efforts to bring about change. Manufactur-
were kept isolated (air-gapped) to protect them from external attacks ing leadership must actively support the implementation of cybersecu-
and reduce associated risks [33]. However, the decision to connect them rity measures and awareness, employing the same logic that initially led
to manufacturing networks has raised concerns, especially when consid- to the adoption of connected devices. The potential impact of a cyber-
ering hardware with redundant and unprotected operating systems, as attack should be considered as detrimental to the business as removing
well as the absence of fundamental security features like encryption and the systems [52].
user authentication [34]. Laperrière and Reinhart [26] identifies a challenge arising from the
The outbreak of COVID-19 forced companies to embrace a remote difference between IT culture, which prioritises confidentiality, and
working approach, which led to a rise in cyberattacks due to hastily im- manufacturing culture, which emphasises availability. Historical dis-
plemented access requirements [35]. The Cybersecurity & Infrastructure parities between IT and OT approaches have exacerbated this division.
Security Agency frequently issues alerts regarding cybercriminals who However, the collaboration between IT and manufacturing employees
specifically target businesses by exploiting vulnerabilities in internet- is essential in the current production environment to enhance cyberse-
accessible manufacturing resources and stealing access credentials from curity [54]. An often-overlooked factor when analysing complex manu-
supervisory personnel [36]. This allows attackers to circumvent fire- facturing organisations involves the utilisation of small or medium-sized
walls and gain entry to factory floor connections and machinery [33]. businesses (SMBs) to supply, maintain, and upgrade manufacturing ma-
Recent high-profile attacks on manufacturing businesses include the chinery, making them potential targets for cyberattacks [55]. SMBs of-
well-known WannaCry and NotPetya incidents. In these cases, viruses ten need assistance in implementing effective cybersecurity measures
were able to spread from IT network systems to manufacturing devices due to a lack of in-depth knowledge, expertise, and resources [56]. This
that were easily accessible [37]. As a result, organisations worldwide issue has been extensively discussed in academic studies, industry ac-
experienced extensive disruptions, leading to losses exceeding USD 14 counts, and government support initiatives [48–57]. Despite the cyber-
billion [38]. security risks it poses to larger companies, SMBs will continue to be
impacted by this issue due to resource and economic constraints [58].
2.4. Cybersecurity challenges in manufacturing
2.5. Evaluating cybersecurity culture in manufacturing
Previous literature has identified two main areas of vulnerability in
manufacturing cybersecurity: technology and personnel [39,40]. One Corporate culture coexists with formal corporate policies and em-
study emphasised the significance of considering technology, person- bodies an informal directive, where formal rules are complemented by
nel, and procedures equally in order to achieve effective cybersecurity secondary, less formal understandings and practices [41]. While the
[41]. In terms of technology, as highlighted by this study, it is clear that link between corporate culture and company performance is widely ac-
the use of outdated and unsupported hardware and software creates a knowledged, efforts to measure culture and its correlation with per-
manufacturing environment where critical, yet vulnerable, devices are formance have frequently yielded limited results [59]. Surveys, how-
connected to an insecure network, thereby increasing the risk of cyber- ever, provide a valuable way to comprehend workforce attitudes, iden-
attacks [42]. tify trends, and identify areas for improvement and consolidation. Sev-
The second group focuses on people, and according to University of eral examples illustrate the use of survey-based approaches in evaluat-
Phoenix and ISC(2) [43], who conducted a report on cybersecurity work- ing manufacturing organisations. For example, the Manufacturing En-

3
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Table 1
Services for cybersecurity consultancy.

Firm Tasks and services Associated action

Governance of IT Consultancy service reviewing and auditing Auditing and evaluating employee involvement.
Jaw Consulting IT health check for weakest security areas User awareness and training.
Fujitsu Risk assessment and asset discovery. Technology interviews and people process.
Romano Security Consulting Cybersecurity audits Emphasise staff education and awareness.

terprise Systems Association and the Manufacturing Operations Man- steps. These steps included training and guidance on using Qualtrics,
agement/Capability Maturity Model developed a survey with 832 ques- conducting research for question development, performing mock sur-
tions to evaluate the development and capability of production compa- veys, drafting the questionnaire, collecting user feedback, distributing
nies from a factory operations perspective [60]. Another survey-based a pilot version, seeking input from cybersecurity experts, finalising and
approach, the Smart Manufacturing System Readiness Assessment, was publishing the questionnaire, and ultimately distributing it. The litera-
designed to evaluate the readiness of a manufacturing environment to ture review confirmed the importance of using a high-quality question-
adopt smart manufacturing technologies [61]. While these approaches naire, leading to the addition of extra checkpoints for feedback during
are valuable tools, neither they nor the subsequent literature associ- the questionnaire preparation process. The methodology flowchart for
ated with them specifically address cybersecurity. Dojkovski et al. [46] this research is shown in Table 2.
acknowledges that changing people’s cybersecurity behaviours is chal-
lenging, given the difficulty of precisely measuring individuals’ current 3.2. Questionnaire development
knowledge, overlooked knowledge, and knowledge gaps. Nonetheless,
some profitable consultancy firms specialise in providing advice on cy- The creation of the questionnaire involved dividing the process into
bersecurity issues and conducting risk assessments [62]. A review of nine essential steps, as previously explained. Extensive literature re-
their prospectuses reveals that all of them include an employee evalua- search highlighted the crucial connection between the quality of the
tion component, as shown in Table 1. questionnaire and the attainment of reliable results. Therefore, the pro-
A Deloitte report on cyber risk in advanced fabrication companies cess of developing the questionnaire included several feedback check-
highlighted that ‘Increasingly, people are the greatest cybersecurity risk; points. Furthermore, the research emphasised the importance of ques-
whether the intent is malicious or not, they are our most significant li- tion wording, highlighting that the language chosen significantly affects
ability’ [63]. The reviewed literature consistently emphasises that the the responses received. Generally, questions should be concise, clear,
workforce’s comprehension and involvement in cybersecurity policies and specific [66]. To improve the accuracy of responses and streamline
are the most crucial elements of a company’s cybersecurity strategy the analysis that follows, it is recommended to minimise or eliminate
[10,46]. open-ended questions [67,68]. The literature also emphasises the im-
Most existing literature indicates a difference between IT personnel, portance of aligning the design of the questionnaire with the objectives
who are aware of the cybersecurity risks associated with manufacturing of the data analysis. This ensures that the questions asked contributes
but focus on simple improvements such as securing vulnerable equip- effectively to the overall goals and allows for a reduction in the total
ment through software patches, and the manufacturing workforce, who number of questions [69].
prioritise operations, data, and system availability and show indiffer-
ence towards cybersecurity [64]. This conflict causes frustration among 4. Results and discussion
manufacturing personnel and increases the chances of bypassing secu-
rity measures to implement local improvements [65]. Developing poli- 4.1. Analysis approach
cies that aim to enhance the engagement, understanding, and practices
of the manufacturing workforce will provide valuable insights for driv- Following the data collection phase of the research, the responses
ing future strategies. were examined for errors, and only one incorrect selection was iden-
In conclusion, manufacturers have demonstrated an increasing ten- tified: one respondent described their employment as ‘other’ but con-
dency to network their equipment, enhance data accessibility, and take tradicted themselves in the free-text field by selecting a department of
advantage of the opportunities provided by modern technology. Nev- manufacturing. To ensure consistency across the answers, a manual cor-
ertheless, the integration of existing IT and OT technologies has out- rection was made. Additionally, the responses of a single participant
paced the development of employee awareness and comprehension. The who indicated being employed in the IT function were excluded to avoid
disconnect between the IT department and manufacturing is apparent potential bias. Although certain roles received less feedback, the study
in their approaches to cybersecurity: IT operations are becoming more gathered responses from a total of 144 employees, providing a satis-
proficient with production technology, while the manufacturing depart- factory range of data to offer an illustrative perspective. The Microsoft
ment has a limited understanding of the IT cybersecurity culture. BI software was used to analyse and present the results through the
creation of reporting dashboards. The outcomes produced by this pro-
3. Survey design and method gramme are interactive and easy to use, promoting greater engagement
for the senior stakeholders who were part of the audience. The results
3.1. Research method examined in the following sections include excerpts from these dash-
boards.
This study utilised a survey as its main method of data collection
because it has the ability to outline the data collection process and 4.2. General cybersecurity awareness
facilitate analysis and interpretation through specific analysis tools.
Table 2 assesses research tools and ultimately selects the questionnaire These surveys were conducted to evaluate employees’ overall under-
approach. This approach was chosen because it enables data collec- standing of cybersecurity and their sense of accountability and personal
tion from a large number of participants and, when combined with responsibility. The findings show that the majority of respondents ac-
anonymity, encourages honesty. The questionnaire was created and dis- knowledge their responsibility for upholding cybersecurity in their daily
tributed using Qualtrics, an online tool that enables users to create, work, with fewer than 20 % providing a negative response. Likewise, an
evaluate, share, and analyse questionnaires across multiple connected equal number of positive responses were received regarding the impor-
devices. The process of creating the questionnaire involved nine key tance placed on cybersecurity in the manufacturing industry (see Fig. 3).

4
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Table 2
Evaluation of research tools.

Size of the sample Bias in samples Integrity of results Analyse the results Avg
Method score
Remarks Score Remarks Score Remarks Score Remarks Score

Questionnaire Expect a mixed reaction, 8 The bias participation is 6 The anonymous 8 Assured qualitative data 10 8
as non-personal less risky; we still technique increases the that will facilitate
distribution may anticipate a higher level likelihood of truthful straightforward analysis.
influence engagement of input from candidates responses.
with a large audience, who have a vested
and follow-up is not interest.
possible.
Interview Expect varied uptake. 6 There is a potential risk 4 There is a risk that 6 Converting interview 6 5.5
The duration of the of bias favouring the answers may be biased output into quantitative
interview might deter involvement of and influenced by the data for comparison.
some. We can follow up applicants who have a interview setting,
to boost engagement. vested interest in the potentially leading to
issue. less truthful responses.
Corporate It is challenging to make 6 It is difficult to forecast, 2 There is a chance that 4 There is a good 8 5
Data precise forecasts, but we but accessible data is data will be erroneous or likelihood that the data
anticipate that the likely to favour biased unknowingly. will be qualitative and
available data will be increasingly advanced, easily evaluated.
quite limited. proactive production
environment.
Surveillance There will be additional 2 Controlling sampling 10 The surveillance 6 The surveillance 8 6.5
issues stemming from bias and ensuring that all approach may result in a approach can be
research ethics and areas/functions are variable likelihood of structured to yield
participation concerns. covered. obtaining honest quantitative data,
responses because simplifying the analysis
subjects are aware of process.
being under observation.

Fig. 3. Responsibility for cybersecurity. Fig. 4. Confidence in cybersecurity.

In contrast, the responses were less positive when asked about their respondents surveyed, 55 individuals, which accounts for 45 % of the to-
level of confidence in strong cybersecurity and who they should notify tal, confirmed that they were responsible for specifying or installing new
in the event of a cyberattack. The available answer options received equipment. The idea of Industry 4.0, commonly known as ‘Smart Facto-
an equal number of responses, and only 25 % of respondents selected ries’, has been thoroughly examined in current literature. The findings of
high confidence as their answer (see Fig. 4). No noticeable patterns this research emphasise a significant trend towards interconnectedness
were observed in any of the cybersecurity awareness questions when within the manufacturing industry (see Fig. 5).
compared to the employee’s business field, purpose, or role. These out- Overall, participants responded positively regarding the attention
comes clearly highlight the contrast between individuals’ awareness and given to cybersecurity during equipment changes, with 69 % stating
their intention to follow correct procedures, as well as their proficiency, that they ‘always’ or ‘most of the time’ consider it. However, when
knowledge, and connections needed to achieve desired cybersecurity asked about cybersecurity protocols and guidance concerning equip-
outcomes. ment, only 22 % answered affirmatively. This aligns with earlier re-
sponses suggesting a need for improved user knowledge and adequate
4.3. Equipment changes and cybersecurity guidance. In terms of software compliance reviews, the data indicates in-
frequent occurrences, with over 50 % of respondents selecting ‘unsure’
These questions were created to measure the respondents’ under- or ‘never’ (see Fig. 6). Additionally, only 68 % of responses indicated
standing of the importance of maintaining strong cybersecurity prac- that equipment modifications are regularly reviewed within local net-
tices when obtaining, upgrading, or supervising equipment. Out of the work schematics.

5
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Fig. 7. Experiences of equipment connection.

Fig. 5. Equipment connected to the network.

Fig. 8. Data management.

which makes up 84 % of the surveyed individuals, affirmed this respon-

Fig. 6. Accountability for equipment. sibility. In terms of data storage and administration, more than 82 % of
the respondents expressed their belief that data in manufacturing sys-
tems is stored and accessed in an organised manner, with the majority
Initially, there was a concern that the inclusion of an unequal number choosing ‘definitely yes’ or ‘probably yes’ (refer to Fig. 8). When evaluat-
of employees from Capability Acquisition and Manufacturing Services, ing their confidence in the organisation of the data, approximately 80 %
who are responsible for setting up and overseeing equipment, might of participants selected the highest rating. These findings emphasise the
have a negative impact on this dataset. However, a detailed analysis positive employee awareness and understanding of data management
revealed that this concern was unfounded. The final questions in this practices.
section relate to employee experiences over the past two years. Despite the encouraging findings regarding employee awareness,
Approximately 50 % of the respondents reported observing worri- 60 % of participants reported that internal data related to manufactur-
some actions and procedures related to the installation and maintenance ing systems had been externally accessible in the past two years (refer to
of hardware connections (refer to Fig. 7). This statistic highlights the Fig. 9). These results were expected, considering that the participants,
existence of employee dissatisfaction. Employees noted that using ap- who are employees in the manufacturing industry with cyber aware-
proved secure channels to arrange equipment connections is difficult ness, frequently encounter such incidents. The manufacturing industry
and inefficient, frequently impeding performance targets and deadlines. prioritises output and meeting deadlines over data administration. This
As a result, project teams and employees opt for the quicker solution section of the survey focuses on threats and potential enhancements,
of bypassing IT security protocols and connecting directly to the equip- recognising that data storage and portable memory devices, such as Uni-
ment. versal Serial Bus (USB) flash drives, pose cybersecurity risks.

4.4. Data management and cybersecurity 4.5. Management of user accounts and cybersecurity

The survey questions were designed to evaluate respondents’ knowl- These questions were designed to assess respondents’ knowledge,
edge, confidence, and experiences in relation to data management in procedures, and experiences in managing user accounts and privileges
manufacturing systems. These questions were specifically targeted at in- in manufacturing systems.
dividuals who responded ‘yes’ to the scoping question ‘Are you respon- These questions were specifically directed at candidates who an-
sible for configuring, saving, uploading, or auditing data in manufactur- swered, ‘yes’ to the scoping question ‘Are you responsible for the con-
ing systems?’ in order to ensure precise results. A total of 58 candidates, figuration or maintenance of manufacturing system user accounts and

6
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Fig. 9. Data behaviour results.

Fig. 11. User account experience results.

4.6. Cybersecurity opportunities and improvements

These questions were designed to gather information about candi-

dates’ ideas for improving cybersecurity in manufacturing systems. All
candidates were asked these questions.
Two questions allowed participants to provide open-ended re-
sponses, which were then identified and evaluated to create a sum-
marised set of results. Participants consistently highlighted three main
risk factors: data storage and sharing, awareness and education, and
third-party vendor access. System users ranked fourth in terms of the
risk they pose.
When asked about how to improve cybersecurity, the most fre-
quently mentioned suggestions revolved around simplifying system
management and protocols to make them more practical for everyday
use in the workplace (see Fig. 12). Many responses expressed dissatisfac-
tion with complex and confusing IT and Information Assurance method-
ologies, which often led users to take shortcuts to bypass IT security and
meet production goals. The next significant set of responses focused on
Fig. 10. Management of user accounts.
enhancing employee education and raising awareness of relevant sys-
tems and procedures (see Fig. 13). These perspectives align with cur-
rent literature and best practice models. Finally, participants were asked
privileges?’ to ensure accurate results. A total of 37 candidates, repre- about their willingness to become cybersecurity champions and support
senting 43 % of the surveyed individuals, confirmed this responsibility. colleagues and departments in gaining a better understanding of current
Regarding the creation of user accounts and the granting of access issues. More than half of the respondents expressed potential interest in
privileges, the results were overwhelmingly positive. Only 10 % of par- this role, indicating a possible area for development. Fig. 14 illustrates
ticipants expressed a need for strict protocols to follow when creating the results regarding cybersecurity champions.
user accounts, and fewer than 10 % expressed a lack of confidence in
the individual checks required before granting access or privileges. 4.7. Key findings
However, regarding the frequency of audits and assessments of user
accounts, the responses were troubling. One-third of the participants The results obtained from this survey can be considered reliable and
reported never undergoing these procedures, and only 32 % stated that a suitable assessment of the current situation due to high levels of partic-
the process was conducted on an annual basis. This approach presents a ipation. The survey assessed opinions and attitudes within an organisa-
significant risk to manufacturing systems, as active accounts with user tion, with responses categorised by role. It was found that Staff members
privileges can continue to be accessible even after personnel changes, made up the majority of respondents at 61.18 %, followed by Leaders
potentially jeopardising product quality. Furthermore, the probability at 28.24 %, and Senior Leaders at 10.59 %. This distribution highlights
of undetected malicious accounts rises, posing greater threats to data the varying levels of engagement across different organisational roles,
storage and machine operations (see Fig. 10). offering a comprehensive view of the diverse perspectives and attitudes
When reviewing the responses concerning employee experiences in within the organisation, divided by role hierarchy. Throughout this pa-
the past two years, more than half of the participants answered ‘yes’ or per, capability acquisition refers to the process by which an organiza-
‘maybe’ when asked whether they were aware of colleagues who had ob- tion obtains the necessary skills, knowledge, technologies, and resources
tained unauthorised system access, shared accounts, or bypassed access to perform tasks and achieve strategic objectives. Its implications in-
controls (see Fig. 11). Although unsatisfactory, these results were not clude increased competitiveness, improved efficiency and productivity,
surprising and emphasised a situation where the benefits of intercon- enhanced innovation, strategic flexibility, risk mitigation, and employee
nected systems are sought after, but proper maintenance and oversight development. The survey did experience some bias as a result of higher
regarding access are deficient. participation rates from employees in the Digital Manufacturing and

7
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Fig. 12. Cybersecurity risks in manufacturing

results.

Fig. 13. Suggestions for improvement results.

that individuals with pre-existing experience, interest, and knowledge

are more likely to engage and contribute to further discussion. Support-
ing this idea, the data shows that questions about individual knowledge
and accountability received positive responses, while responses related
to poor practices by third parties were more negative. This pattern also
emerged when considering risks and improvements: the free-text an-
swers mainly focused on enhancing employee education levels, familiar-
ity with appropriate procedures, and subsequent associated behaviours.
The most significant conclusion drawn from this research asserts that
addressing issues related to uninformed, unaware, and disinterested in-
dividuals will lead to the most substantial improvements. Moreover,
many negative responses stemmed from participant interactions with
colleagues in everyday operational roles with limited exposure to cyber-
security protocols, making them less involved and unaware of the risks.
Reference [63] reinforces the idea that cybersecurity threat prevention
is only as effective as the weakest link in the chain, and employee edu-
Fig. 14. Cybersecurity champion results. cation should prioritise raising awareness of current issues. This concern
should be the primary focus for companies seeking to educate their staff:
providing organised events or drop-in activities will only benefit those
with existing knowledge and interest in the subject, while those with
Manufacturing Engineering departments, compared to the number of
little to no interest are unlikely to derive significant benefits from this
participants from Operations, Capability Acquisition, and Manufactur-
approach.
ing Services. This bias is in line with the findings of [70], which observed

8
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Table 3
Framework for improvement and key focus areas.

Responses regarding individual accountability, the implementation 5. Research limitations

of cybersecurity training in the manufacturing environment, and an in-
creased focus on cybersecurity were met with positive reactions. The data for this study was collected voluntarily from employees
The need for increased employee education and awareness exists par- who work with manufacturing systems. While the results provide valu-
allel to four other focused areas. able insights, their accuracy and validity could be enhanced by including
employees from all sectors of the manufacturing industry. Furthermore,
the subjects selected for this research are all employed by a single man-
4.7.1. Prioritisation and resource availability ufacturer; expanding the scope to include other manufacturers could fa-
Negative responses have arisen from insufficient maintenance and cilitate further analysis and the identification of similar trends, offering
system management, which are regarded as low priority and frequently a broader overview of the current situation. To improve the general-
overlooked due to resource limitations. isability of the findings, future research should aim to involve a more
diverse range of participants from various sectors within the manufac-
4.7.2. Procedural simplification turing industry. Additionally, collecting data from original equipment
Negative responses typically stem from complex, time-consuming, manufacturers (OEMs) would provide additional insights and may en-
and restrictive protocols that impede operational priorities. As a result, able the identification of more cybersecurity vulnerabilities.
employees often circumvent IT security measures, thereby heightening
the potential risk to company systems and equipment. 6. Framework for cybersecurity improvements in the
manufacturing industry
4.7.3. Remote vendor access
Enabling secure remote access for third-party external vendors Based on the critical findings, a framework (shown in Table 3) has
presents a challenge within the existing infrastructure. Vendors are of- been proposed to enhance cybersecurity in manufacturing systems, with
ten inclined to utilise wireless technologies such as 4 G to circumvent suggested levels of emphasis allocated to each functional area. The first
IT security protocols and gain access. area involves implementing an awareness campaign aimed at dissem-
inating the importance of cybersecurity throughout the company, ex-
plaining its relevance to each function and the systems it uses. The re-
4.7.4. Data storage and sharing search revealed that individuals employed in digital manufacturing roles
Responses indicate that data storage and sharing are considered the already have a good understanding of cybersecurity. Therefore, the fo-
main risks in manufacturing cybersecurity. Several responses mentioned cus should shift towards those working in operations who have not yet
the use of USB flash drives for storing data, even though there is a recent been exposed to the topic. It is recommended that these events prioritise
IT mandate prohibiting their use. engaging, interactive, and manageable tasks designed for an audience

9
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

Table 4
Concrete cybersecurity recommendations for various industries [74,75].

Industry Company size Concrete recommendations

Manufacturing Small Implement access controls and frequently update incident response plans. Utilize cybersecurity by design for new systems and
products.
Medium Establish cybersecurity training programs for all employees. Involve in cross-industry information sharing to enhance threat
intelligence.
Large Drive cybersecurity standardization efforts. Implement cybersecurity and privacy certification schemes to boost consumer and
partner confidence.
Healthcare Small Ensure compliance with health data protection standards and guidelines. Use encryption for patient data and secure patient
data exchange and storge.
Medium Develop comprehensive risk management strategies that include vulnerability assessments. Encourage partnerships with
academia to translate research into practical cybersecurity enhancements.
Large Lead initiatives for global cybersecurity frameworks that address specific needs of the healthcare industry. Implement efficient
disaster recovery protocols.
Finance Small Invest in strong multi-factor authentication and encryption methods to protect sensitive financial data.
Medium Adopt advanced cybersecurity technologies such as security monitoring and behavioural analytics for detecting suspicious
activities. Increase investments in cybersecurity awareness and training.
Large Establish a dedicated cybersecurity task force to focus on emerging threats and compliance with global financial regulatory
requirements. Promote a culture of continuous improvement in cybersecurity practices.
Retail Small Use secure and updated point-of-sale (POS) systems to protect against data breaches. Implement basic cybersecurity measures
like antivirus, firewalls, and secure Wi-Fi networks.
Medium Develop a comprehensive data protection strategy that includes end-to-end encryption and data tokenization to protect
customer information during transactions.
Large Lead development and adoption of industry-wide security standards. Invest in advanced threat detection and response
capabilities. Organize regular security audits and penetration testing.
Education Small Secure sensitive student data through encryption and secure access controls. Provide basic cybersecurity training to all
employees.
Medium Develop policies for the safe use of personal devices on campus networks. Invest in cybersecurity tools that provide visibility
into network traffic to detect unauthorized access attempts.
Large Establish partnerships with cybersecurity firms to enhance security infrastructure and incident response capabilities. Offer
advanced cybersecurity training and education programs to staff and students, focusing on the specific threats facing the
education sector.

with limited technical background. These sessions should be kept brief focus on the manufacturing aspect [71,72]. The results and findings of
to ensure that operational priorities do not hinder participation. such a study depict several influences on academics, industry practition-
The second proposal involves the introduction of cybersecurity ers, and policymakers.
champions who will be placed within each organisation. These cham-
pions will act as the main point of contact for individuals in need of IT
assistance. They will receive additional training in IT and cybersecurity 7.1. Theoretical implications
to help support their colleagues. Importantly, they will serve as a crucial
link between IT security teams and end-users. They will be equipped to 7.1.1. Cybersecurity vulnerabilities from technical to concepts
offer solutions and address any inefficiencies or frustrations that could This study increases the theoretical framework surrounding cyberse-
potentially cause individuals to bypass current security protocols. curity by highlighting specific vulnerabilities within the manufacturing
The next two proposals aim to enhance equipment procedures and sector. It must incorporate the integration of IT and OT with the height-
external vendor access. Feedback from the survey suggests that these ened risk profile, thereby providing a view of cybersecurity challenges
areas led to dissatisfaction and exposed a lack of awareness and under- specific to industrial settings. Furthermore, tailored cybersecurity poli-
standing of these challenges. Improving collaboration between Capabil- cies and protocols for fighting vulnerabilities in the industrial domain
ity Acquisition, IT Security, and Manufacturing Services to tackle these would need more academic support to transfer manufacturing safety and
concerns would be a positive move. By defining vendor requirements, security knowledge and experience to cybersecurity perspective [73].
the IT Security team can work together with Capability Acquisition and For instance, the mitigation and the time and cost estimations resulting
Manufacturing Services to establish a secure and mutually beneficial from assessing risk of ongoing vulnerability in Industry 4.0 would not be
system that facilitates equipment installation and updates. In addition, as accurate as expected if it were coming up from an individual opinion.
technological upgrades in cybersecurity are important for protecting It should be an approach based on an academic concept.
manufacturing systems against sophisticated cyber threats. Implement-
ing advanced technologies such as AI, machine learning, and blockchain
can enhance the detection, prevention, and response capabilities of an 7.1.2. Employee awareness culture
organization, ensuring robust security and operational integrity. The fi- The findings explain the importance of employee awareness as a crit-
nal activities recommended by this research involve reviewing the cur- ical factor in cybersecurity. This aligns with and expands upon existing
rent user account management systems and assessing the existing data theories that suggest organizational culture significantly impacts cyber-
storage and management systems. These two activities aim to ensure security effectiveness. This research contributes to the theory by detail-
that all user accounts are up-to-date and that data is securely stored and ing how awareness and training modify risk perceptions and behaviour
efficiently managed. Additionally, they enable management personnel in a manufacturing context.
to establish and maintain the necessary resources to regularly conduct
these reviews.
7.1.3. Framework for cybersecurity improvements
7. Theoretical and managerial implications from a cybersecurity By proposing a comprehensive framework that includes awareness
perspective campaigns, cybersecurity champions, and enhanced procedural proto-
cols, this study offers a theoretical model for improving cybersecurity
Current research project studies theoretical understanding alongside postures within manufacturing environments. This framework can serve
the practical applications of Industry 4.0 cybersecurity and it has more as a basis for further academic exploration and validation.

10
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

7.2. Managerial implications access issues, and reviewing user account management and data stor-
age systems. Additionally, maintaining comprehensive, ongoing train-
7.2.1. Strategic resource allocation ing programs and implementing a multi-level access control system are
For industry leaders, the emphasis on redirecting cybersecurity re- advised to minimize internal threats. The research underscores the im-
sources towards manufacturing highlights the need for strategic invest- portance of employee education, operational priorities, and IT security
ment in cybersecurity infrastructure and training. This paper provides collaboration.
a clear rationale for prioritizing budget allocations, which is crucial for Future studies should encompass diverse participants across the
managerial decision-making. manufacturing sector to gain a broader understanding of cybersecu-
rity challenges and strategies. The recommendations outlined in the im-
7.2.2. Implementation of a cybersecurity framework provement framework provide a roadmap for organisations to enhance
The proposed framework serves as a practical guide for manufactur- their cybersecurity measures and effectively mitigate risks. By prioritis-
ing companies seeking to enhance their cybersecurity measures. Man- ing these areas and regularly reviewing user account management and
agers can adopt this framework to structure their cybersecurity efforts data storage systems, companies can strengthen their cybersecurity pos-
systematically, ensuring comprehensive coverage of both technological ture and safeguard their manufacturing systems and data.
and human factors.
Declaration of competing interest
7.2.3. Cybersecurity as a continuous process
The study advocates for the continuous evaluation and adaptation The authors declare that they have no known competing financial
of cybersecurity practices. This has direct managerial implications as interests or personal relationships that could have appeared to influence
it calls for ongoing training programs, regular audits, and updates to the work reported in this paper.
security protocols to keep pace with evolving cyber threats and techno-
logical advancements. Role of Cybersecurity Education: This research
CRediT authorship contribution statement
highlights the critical role of targeted education and training programs
in reducing cybersecurity risks. Managers are encouraged to implement
Adel Alqudhaibi: Writing – review & editing, Writing – origi-
regular, engaging, and practical cybersecurity education that reaches all
nal draft, Visualization, Validation, Methodology, Investigation, For-
employee levels, thereby fostering a proactive security culture.
mal analysis, Data curation, Conceptualization. Majed Albarrak: Writ-
By incorporating these sections, the paper meets the academic rigor
ing – review & editing, Writing – original draft, Visualization, Valida-
expected in scholarly publications and provides tangible, actionable rec-
tion, Methodology, Investigation, Formal analysis, Data curation, Con-
ommendations that can be implemented in practical settings. These im-
ceptualization. Sandeep Jagtap: Writing – review & editing, Writing
plications strengthen the bridge between theoretical research and real-
– original draft, Supervision, Software, Resources, Project administra-
world application, making the findings relevant to a broader audience
tion, Funding acquisition. Nikki Williams: Writing – review & editing,
including those directly involved in the operational and strategic over-
Writing – original draft, Supervision, Formal analysis, Data curation,
sight of manufacturing entities.
Conceptualization. Konstantinos Salonitis: Writing – review & editing,
Based on the study results and sources, Table 4 has been constructed
Writing – original draft, Resources, Project administration, Funding ac-
that delineates concrete recommendations for managers across various
quisition.
industries and organizational sizes. Table 4 specifies actions that man-
agers can undertake to bolster cybersecurity measures within their re-
References
spective sectors.
[1] P.G.S. Contieri, R. Anholon, L.A. De Santa-Eulalia, Industry 4.0 enabling tech-
8. Conclusion and future work nologies in manufacturing: implementation priorities and difficulties in an
emerging country, Technol. Anal. Strateg. Manag. 34 (5) (2022) 489–503,
doi:10.1080/09537325.2021.1908536.
This survey analysed participants’ comprehension, knowledge, and [2] V. Morfino, S. Rampone, Towards near-real-time intrusion detection for IoT devices
encounters with cybersecurity in manufacturing systems. In particular, using supervised learning and apache spark, Electronics (Switzerland) 9 (3) (2020),
the results were considered reliable and offered a suitable evaluation of doi:10.3390/electronics9030444.
[3] I. Agrafiotis, J.R.C. Nurse, M. Goldsmith, S. Creese, D. Upton, A taxonomy of cyber-
the present situation due to the significant level of participation.
harms: defining the impacts of cyber-attacks and understanding how they propagate,
As a result, the findings revealed that individuals had positive knowl- J. Cybersecur. 4 (1) (2018) Oxford University Press, doi:10.1093/cybsec/tyy006.
edge and accountability for cybersecurity, while responses regarding [4] A. Bazzi, M. Chafii, Secure full duplex integrated sensing and communications, IEEE
poor practices by third parties were pessimistic. It was concluded that Trans. Inf. Forensics Secur. 19 (2024) 2082–2097, doi:10.1109/TIFS.2023.3346696.
[5] G. Tsochev, R. Trifonov, O. Nakov, S. Manolov, G. Pavlova, Cyber security: threats
addressing issues related to uninformed, unaware, and disinterested in- and challenges, in: 2020 International Conference Automatics and Informatics
dividuals would lead to the greatest improvements. Employee education (ICAI), Varna, Bulgaria, 2020, pp. 1–6, doi:10.1109/ICAI50593.2020.9311369.
and cybersecurity awareness were identified as crucial factors, suggest- [6] Yozawa, K. (2019). 2021 Global Threat Intelligence Report Together we do great
things INSIGHTS DRIVEN BY DATA 2 | 2021 Global Threat Intelligence Report Con-
ing that companies should prioritise raising awareness among all em- tents Access date July 8, 2024 (672544-2021-Global-Threat-Intelligence-Report-full-
ployees, rather than solely focusing on those with existing knowledge report.pdf (nttdata.com)).
or interest in the subject. [7] National Institute of Standards and Technology, “Framework for Improving Crit-
ical Infrastructure Cybersecurity, Version 1.1,” Gaithersburg, MD, 2018. doi:
Although, the data collection was voluntary and limited to em- 10.6028/NIST.CSWP.04162018.
ployees of a single manufacturer working with manufacturing sys- [8] IBM, “IBM Security X-Force Threat Intelligence Index 2023,” 2023. Accessed: Jan.
tems. To enhance the accuracy and validity of the results, it would 16, 2024. Available: https://www.ibm.com/downloads/cas/DB4GL8YM
[9] J. Srinivas, A.K. Das, N. Kumar, Government regulations in cyber security: frame-
be beneficial to include employees from various sectors of the man-
work, standards and recommendations, Future Gener. Comput. Syst. 92 (2019) 178–
ufacturing industry and different manufacturers. Furthermore, collect- 188 ISSN 0167-739X, doi:10.1016/j.future.2018.09.063.
ing data from OEMs could provide valuable insights into cybersecurity [10] A. Staves, T. Anderson, H. Balderstone, B. Green, A. Gouglidis, D. Hutchi-
son, A cyber incident response and recovery framework to support operators
vulnerabilities.
of industrial control systems, Int. J. Crit. Infrastruct. Prot. 37 (2022) 100505,
Moreover, a proposed framework for enhancing cybersecurity in the doi:10.1016/j.ijcip.2021.100505.
manufacturing industry includes implementing an awareness campaign [11] National Cyber Security Centre, “Cyber Security Toolkit for Boards -
featuring interactive events for operational employees and introducing NCSC.GOV.UK,” Crown. Accessed: Nov. 25, 2023. Available: https://www.ncsc.
gov.uk/collection/board-toolkit.
cybersecurity champions as points of contact. Key recommendations em- [12] M. Barrett, “Framework for Improving Critic al Infrastructure Cybersecurity, Version
phasize improving equipment procedures, addressing external vendor 1.1,” Gaithersburg, MD, 2018. doi: 10.6028/NIST.CSWP.04162018.

11
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

[13] M. Hill and D. Swinhoe, “The 15 biggest data breaches of the 21st century | [38] D. Thangam, T. Arumugam, K. Velusamy, M. Subramanian, S.K. Ganesan,
CSO Online.” Accessed: Nov. 25, 2023. Available: https://www.csoonline.com/ M. Suryakumar, COVID-19 pandemic and its brunt on digital transforma-
article/534628/the-biggest-data-breaches-of-the-21st-century.html. tion and cybersecurity, in: Cybersecurity Crisis Management and Lessons
[14] J. Sullivan and J.R.C. Nurse, “Cyber Security Incentives and the Role of Cy- Learned From the COVID-19 Pandemic, IGI Global, 2022, pp. 15–42,
ber Insurance,” 2021. Accessed: Oct. 16, 2023. Available: https://kar.kent.ac.uk/ doi:10.4018/978-1-7998-9164-2.ch002.
89042/1/RUSI-Kent-EIP-Cyber-insurance.pdf. [39] B. Williams, M. Soulet, A. Siraj, A taxonomy of cyber attacks in smart manu-
[15] G. Falco, R. Thummala, A. Kubadia, Wannafly: an approach to satellite ran- facturing systems, in: 6th EAI International Conference on Management of Man-
somware, in: 2023 IEEE 9th International Conference on Space Mission Challenges ufacturing Systems, Springer International Publishing, Cham, 2022, pp. 77–97,
for Information Technology (SMC-IT), IEEE, 2023, pp. 84–93, doi:10.1109/SM- doi:10.1007/978-3-030-96314-9_6.
C-IT56444.2023.00018. [40] M. Ryan, M. Ryan, Ransomware case studies, in: Ransomware Revolution: The Rise
[16] Q. Li, M. Brundage, B. Kulvatunyou, D. Brandl, S. Do Noh, Advances in production of a Prodigious Cyber Threat, 2021, pp. 65–91, doi:10.1007/978-3-030-66583-8_5.
management systems. the path to intelligent, collaborative and sustainable manufac- [41] D. Kurt, “The 10 Most Expensive Cyberattacks of All Time.” Accessed: May
turing, IFIP Advances in Information and Communication Technology, 513, Springer 31, 2021. Available: https://www.investopedia.com/financial-edge/0512/10-of-
International Publishing, Cham, 2017, doi:10.1007/978-3-319-66923-6. the-most-costly-computer-viruses-of-all-time.aspx.
[17] I. Agrafiotis, J.R.C. Nurse, M. Goldsmith, S. Creese, D. Upton, A taxonomy of cyber- [42] U.P.D. Ani, H. He, A. Tiwari, Review of cybersecurity issues in industrial critical
harms: defining the impacts of cyber-attacks and understanding how they propagate, infrastructure: manufacturing in perspective, J. Cyber Secur. Technol. 1 (1) (2017)
J. Cybersecur. 4 (1) (2018), doi:10.1093/cybsec/tyy006. 32–74, doi:10.1080/23742917.2016.1252211.
[18] S. Kamiya, J.K. Kang, J. Kim, A. Milidonis, R.M. Stulz, Risk management, firm rep- [43] V. Mullet, P. Sondi, E. Ramat, A review of cybersecurity guidelines for manufactur-
utation, and the impact of successful cyberattacks on target firms, J. Financ. Econ. ing factories in industry 4.0, IEEE Access. 9 (2021) 23235–23263, doi:10.1109/AC-
139 (3) (2021) 719–749, doi:10.1016/j.jfineco.2019.05.019. CESS.2021.3056650.
[19] Pankaj Pandey, Sokratis Katsikas, The future of cyber risk management: AI and DLT [44] A.W. Batteau, Creating a culture of enterprise cybersecurity, Int. J.
for automated cyber risk modelling, decision making, and risk transfer, in: Handbook Bus. Anthropol. 2 (2) (2011) Accessed: Nov. 26, 2023. Available:
of Research on Artificial Intelligence, Innovation and Entrepreneurship, Edward El- https://www.academia.edu/download/81761133/1118.pdf .
gar Publishing, 2023, pp. 272–290. [45] Ö. Aslan, S.S. Aktuğ, M. Ozkan-Okay, A.A. Yilmaz, E. Akin, A comprehensive review
[20] HISCOX, “Don’t let cyber be a game of chance. Hiscox Cyber Readiness Report of cyber security vulnerabilities, threats, attacks, and solutions, Electronics 12 (6)
2021,” 2021. Accessed: Nov. 25, 2023. Available: https://www.hiscox.co.uk/ (2023) 1333, doi:10.3390/electronics12061333.
sites/default/files/documents/2021-04/21486-Hiscox-Cyber-Readiness-Report- [46] University of Phoenix and (ISC)2, “ Cybersecurity Workforce Competencies: prepar-
2021-UK.pdf ing Tomorrow’s Risk-Ready Professionals,” 2014.
[21] A. Minnar, Cybercrime, cyber attacks, and problems of implementing organiza- [47] R.M. Lee, M.J. Assante, and T. Conway, “Analysis of the Cyber Attack on the
tional cybersecurity, in: Global Issues in Contemporary Policing, Routledge, 2017, Ukrainian Power Grid Defense Use Case,” Bethesda, MD, USA, 2016.
pp. 147–164. eBook ISBN 9781315436975. [48] S.A. Talesh, Data breach, privacy, and cyber insurance: how insurance companies
[22] D. Galinec, D. Možnik, B. Guberina, Cybersecurity and cyber defence: act as “compliance managers” for businesses, Law Soc. Inq. 43 (2) (2018) 417–440,
national level strategic approach, Automatika 58 (3) (2017) 273–286, doi:10.1111/lsi.12303.
doi:10.1080/00051144.2017.1407022. [49] S. Dojkovski, S. Lichtenstein, M. Warren, Developing information security culture in
[23] ENISA. Consultation Paper - EU ICT Industrial Policy: Breaking the Cycyle of small and medium size enterprises: australian case studies, in: 6th European Confer-
Failure. 2019. Accessed: 24 April 2024. Available at: https://www.enisa.europa.eu/ ence on Information Warfare and Security 2007, ECIW 2007, 2007, pp. 55–65.
publications/enisa-position-papers-and-opinions/eu-ict-industry-consultation- [50] ENISA, Cybersecurity Culture Guidlines: Behavioural Aspects of Cybersecurity, no.
paper. 2018. doi: 10.2824/324042.
[24] R. Sabillon, J. Serra-Ruiz, V. Cavaller, J. Cano, A comprehensive cybersecurity audit [51] M. Bada, J.R.C. Nurse, Developing cybersecurity education and awareness pro-
model to improve cybersecurity assurance: the cybersecurity audit model (CSAM), grammes for small- and medium-sized enterprises (SMEs, Inf. Comput. Secur. 27
in: 2017 International Conference on Information Systems and Computer Science (3) (2019) 393–410, doi:10.1108/ICS-07-2018-0080.
(INCISCOS), IEEE, 2017, pp. 253–259, doi:10.1109/INCISCOS.2017.20. [52] Fagbule, O., 2023. Cyber Security Training in Small to Medium-sized Enter-
[25] M. Soori, B. Arezoo, R. Dastres, Virtual manufacturing in industry 4.0: a review, prises (SMEs): Exploring Organisation Culture and Employee Training Needs
Data Sci. Manag. (2023), doi:10.1016/j.dsm.2023.10.006. (Doctoral dissertation, Bournemouth University) Access date 9 July 2024
[26] Enisa, “Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity Cy- (https://eprints.bournemouth.ac.uk/39148/).
bersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity About ENISA [53] A. Alqudhaibi, A. Aloseel, S. Jagtap, and K. Salonitis, “Identifying and Predicting
Cybersecurity Culture Guidelines: Behavioural Aspects of Cybersecurity,” 2018, doi: Cybersecurity Threats in Industry 4.0 Based on the Motivations Towards a Critical
10.2824/324042. Infrastructure,” 2022. doi: 10.3233/ATDE220599.
[27] V. Gkioulos, N. Chowdhury, Cyber security training for critical infrastructure protec- [54] A. Alqudhaibi, M. Albarrak, A. Aloseel, S. Jagtap, K. Salonitis, Predicting cybersecu-
tion: a literature review, Computer Science Review, 40, Elsevier Ireland Ltd, 2021, rity threats in critical infrastructure for industry 4.0: a proactive approach based on
doi:10.1016/j.cosrev.2021.100361. attacker motivations, Sensors 23 (9) (May 2023) 4539, doi:10.3390/s23094539.
[28] M. Felser, M. Rentschler, O. Kleineberg, Coexistence standardization of opera- [55] D. Dickinson, “Building A Business Case for Operational Technology Cy-
tion technology and information technology, Proc. IEEE 107 (6) (2019) 962–976, bersecurity,” 2016. Accessed: Nov. 26, 2023. Available: https://www.isa.
doi:10.1109/JPROC.2019.2901314. org/intech-home/2016/november-december/features/building-a-business-case-
[29] L. Laperrière, G. Reinhart, CIRP Encyclopedia of Production Engineering, Springer operational-technology.
Berlin, 2014, doi:10.1007/978-3-642-20617-7. [56] NDIA Cybersecurity for Advanced Manufacturing, “Cybersecurity for Manufac-
[30] W.J. Orlikowski, S.R. Barley, Technology and institutions: what can research on turing Networks The NDIA Cybersecurity for Advanced Manufacturing Joint
information technology and research on organizations learn from each other? MIS Working Group (CFAM JWG),” 2017. Accessed: Nov. 26, 2023. Available:
Q. (2001) 145–165, doi:10.2307/3250927. https://www.ndia.org/-/media/sites/ndia/divisions/working-groups/cfam/ndia-
[31] Gartner, “Definition of Operational Technology (OT) - Gartner Information Technol- cfam-2017-white-paper-20171023.ashx?la=en.
ogy Glossary.” Accessed: May 15, 2021. Available: https://www.gartner.com/en/ [57] C. Paulsen, Cybersecuring small businesses, Computer (Long. Beach. Calif) 49 (8)
information-technology/glossary/operational-technology-ot. (2016) 92–97, doi:10.1109/MC.2016.223.
[32] A.H. Maulana, I.G.P. Ari Suyasa, E. Kurniawan, Analysis of the demilitarized [58] Bagwell, M.A., 2016. Organizational decisions about cyber security in small
zone implementation in Java Madura Bali electrical systems to increase the to mid-sized businesses: a qualitative study (Doctoral dissertation, Northcen-
level of IT/OT cyber security with the dual DMZ firewall architecture method, tral University). Access date 9 July 2024 (https://www.proquest.com/openview/
in: 2023 International Conference on Smart Applications, Communications and d5e2775e9da54cc9f1a43d89647b4379/1?cbl=18750&pq-origsite=gscholar&parent
Networking (SmartNets), Istanbul, Turkiye, 2023, pp. 1–6, doi:10.1109/Smart- SessionId=EX%2BcTyW5Hm1WuUzbCb%2F%2FFWNWuh%2F%2FMbPgDVNa%
Nets58706.2023.10215960. 2FuwlM0g%3D).
[33] C.A. Giffi, B. Dollar, B. Gangula, and M.D. Rodriguez, “Exponential manufacturing [59] NCSC, “Cyber Security Small Business Guide Small Business Guide Collection How to
A collection of perspectives exploring the frontiers of manufacturing and tech- improve your cyber security; affordable, practical advice for businesses National Cy-
nology,” 2017. Accessed: Nov. 26, 2023. Available: https://www2.deloitte.com/ ber Security Centre 2,” 2020. Available: https://www.cyberessentials.ncsc.gov.uk/
content/dam/insights/us/collections/exponential-manufacturing/DUP_Exponential [60] Cisco, “Small and Mighty How Small and Midmarket Businesses Can For-
-Manufacturing.pdf. tify Their Defenses Against Today’s Threats CYBERSECURITY SPECIAL RE-
[34] O. Givehchi, K. Landsdorf, P. Simoens, A.W. Colombo, Interoperability for industrial PORT,” 2018. Accessed: Nov. 26, 2023. Available: https://www.cisco.com/c/dam/
cyber-physical systems: an approach for legacy systems, IEEE Trans. Ind. Inform. 13 global/en_hk/products/security/security-reports/Cisco_2018_SMB_Final.pdf.
(6) (2017) 3370–3378. [61] E. Ogbonna, L.C. Harris, Leadership style, organizational culture and performance:
[35] O. Alexander, M. Belisle, and J. Steele, “MITRE ATT&CK® for Industrial Con- empirical evidence from UK companies, Int. J. Hum. Resour. Manag. 11 (4) (2000)
trol Systems: design and Philosophy,” 2020. Accessed: Nov. 26, 2023. Available: 766–788, doi:10.1080/09585190050075114.
https://attack.mitre.org/docs/ATTACK_for_ICS_Philosophy_March_2020.pdf. [62] Q. Li, M. Brundage, B. Serm Kulvatunyou, D. Brandl, S. Do Noh, Improvement
[36] M. Guri, M. Monitz, Y. Elovici, Bridging the air gap between isolated networks and strategies for manufacturers using the MESA MOM capability maturity model, in:
mobile phones in a practical cyber-attack, ACM Trans. Intell. Syst. Technol. (TIST) IFIP Advances in Information and Communication Technology, 2017, pp. 21–29,
8 (4) (2017) 1–25, doi:10.1145/2870641. doi:10.1007/978-3-319-66923-6_3.
[37] National Security Agency and Cybersecurity and Infrastructure Security Agency, [63] K. Jung, B. Kulvatunyou, S. Choi, and M.P. Brundage, “An Overview of a
“NSA and CISA Recommend Immediate Actions to Reduce Exposure Across Opera- Smart Manufacturing System Readiness Assessment,” 2011. doi: https://doi.org/
tional Technologies and Control Systems,” 2020. Accessed: Nov. 26, 2023. Available: 10.1007/978-3-319-51133-7_83.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa20-205a.

12
A. Alqudhaibi, M. Albarrak, S. Jagtap et al. Cyber Security and Applications 3 (2025) 100067

[64] T. Huelsman, E. Powers, S. Peasley, and R. Robinson, “Cyber risk in advanced manu- [70] J.A. Krosnick, Survey research, Annu. Rev. Psychol. 50 (1) (1999) 537–567
facturing,” 2016. Accessed: Nov. 26, 2023. Available: https://www2.deloitte.com/ Accessed: Nov. 26, 2023. Available: https://www.annualreviews.org/doi/pdf/
content/dam/Deloitte/us/Documents/manufacturing/us-manu-cyber-risk-in- 10.1146/annurev.psych.50.1.537 .
advanced-manufacturing.pdf. [71] N. Burgess, S. Becker, J.A. King, J. O’Keefe, Memory for events and their spatial
[65] F. Kitsios, E. Chatzidimitriou, M. Kamariotou, Developing a risk analysis strat- context: models and experiments, Philos. Trans. R. Soc. B 356 (1413) (2001) 1493–
egy framework for impact assessment in information security management sys- 1503, doi:10.1098/rstb.2001.0948.
tems: a case study in it consulting industry, Sustainability 14 (3) (2022) 1269, [72] M. Bada, A.M. Sasse, and J.R.C. Nurse, “Cyber security aware-
doi:10.3390/su14031269. ness campaigns: why do they fail to change behaviour?,” 2019. doi:
[66] U.P.D. Ani, H.(Mary) He, A. Tiwari, Review of cybersecurity issues in industrial https://doi.org/10.48550/arXiv.1901.02672.
critical infrastructure: manufacturing in perspective, J. Cyber Secur. Technol. 1 (1) [73] A. Bazzi, M. Chafii, On integrated sensing and communication waveforms
(2017) 32–74, doi:10.1080/23742917.2016.1252211. with tunable PAPR, IEEE Trans. Wirel. Commun. 22 (11) (2023) 7345–7360,
[67] K. Sehgal, N. Thymianis, Cybersecurity Blue Team Strategies: Uncover the Secrets of doi:10.1109/TWC.2023.3250263.
Blue Teams to Combat Cyber Threats in Your Organization, Packt Publishing Ltd., [74] S. Naoumi, A. Bazzi, R. Bomfin, M. Chafii, Complex neural network based joint AoA
2023 ISBN 978-180107-247-2. and AoD estimation for bistatic ISAC, IEEE J. Sel. Top. Signal Process. (2024) 1–15.
[68] A. Williams, How to … Write and analyse a questionnaire, J. Orthod. 30 (3) (2003) [75] S. Jagtap, H. Trollman, F. Trollman, G. Garcia-Garcia, W. Martindale, Surviving the
245–252, doi:10.1093/ortho/30.3.245. storm: navigating the quadruple whammy impact on Europe’s food supply chain,
[69] E. McColl et al., “Design and use of questionnaires: a review of best practice Int. J. Food Sci. Technol. (2024), doi:10.1111/ijfs.17106.
applicable to surveys of health service staff and patients,” 2001, Accessed:
Nov. 26, 2023. Available: https://www.academia.edu/download/46168290/
Design_and_Use_of_Questionnaires_A_Revie20160602-6738-1l9ett.pdf.

13