Skip to content
← All industries
Manufacturing

Factory Floors Running on Yesterday's Code

SCADA systems, MES platforms, and supply chain management on legacy infrastructure. Industry 4.0 ambitions on 1990s foundations.

Key data points
Manufacturing systems over 15 years old
SCADA, PLC, MES — operational technology that predates modern cybersecurity concepts.
~45%
Average manufacturing cyberattack cost
Third highest after healthcare and financial services. OT/IT convergence expanding attack surface.
$4.7M
Unpatched OT systems in production
Operational technology running on unsupported OS versions. Patching risks production downtime.
~65%
Supply chain visibility gap
Of manufacturers lack real-time visibility beyond tier-1 suppliers. Legacy systems can't integrate.
~70%
Industry 4.0 initiatives stalled by legacy
Smart factory projects blocked by inability to integrate legacy shop floor systems.
~55%
Risk factors

What keeps Manufacturing CISOs awake

SCADA systems running Windows XP/7 on production floors — unpatched, internet-adjacent, controlling physical processes

MES platforms from the 2000s with no API layer — data trapped in proprietary formats

ERP-to-shop-floor integration through file exports, manual entry, and batch processes

Supply chain management on spreadsheets and legacy EDI — no real-time visibility

OT/IT convergence creating new attack vectors through legacy operational technology

Stack comparison

Typical vs Recommended

Typical Manufacturing stack
.NET Framework (4.x) 39
SQL Server 52
Oracle Database 40
SAP ERP 29
IIS 35
Recommended modern stack
Python 3 85
PostgreSQL 81
Docker 77
FastAPI 80
React 73
Score your own stack →
Regulatory landscape

Compliance Exposure

IEC 62443

Industrial cybersecurity standard. Legacy SCADA and PLC systems often cannot meet current security zone requirements.

NIST Cybersecurity Framework

Federal guidance for critical infrastructure. Manufacturing OT systems frequently have unmitigated gaps.

ISO 27001

Information security management. Legacy system integration makes scope definition and control implementation challenging.

Supply Chain Due Diligence

EU CSDDD and US executive orders requiring supply chain visibility. Legacy systems can't provide it.