Digitalisation increases risk. Companies are not ready

The ongoing digitalisation of manufacturing, combined with the growing use of artificial intelligence, is significantly increasing risk levels, while many organisations remain unprepared.

“We are living in a time when we are all becoming technology companies,” says Łukasz Ozimek from EXEA Data Center in an interview with Evertiq. “Whether we manufacture electronics or provide services, we are creating digital assets that must be protected.”

Manufacturing becomes a digital system

Modern production facilities are increasingly built around integrated IT systems – from design and quality control to production management and logistics.

The introduction of advanced inspection systems, automated data analysis, and AI-driven tools means that critical production processes are now directly dependent on IT infrastructure.

This, in turn, means that a potential cyber incident is no longer just an IT issue. It can directly affect product quality, production continuity, and the safety of the entire process.

“It only takes interference in measurement data or control systems for a product to stop meeting requirements,” Ozimek points out.

In practice, a cyberattack on production infrastructure can now halt an entire plant – not by physically damaging machines, but by interfering with the systems that control them. Disruptions in control systems, changes to production parameters, or blocked access to data are enough for production lines to stop or begin generating defective output.

Such a scenario does not just mean downtime. It translates into real business consequences: delayed deliveries, broken contracts, and financial penalties. In contract manufacturing environments or high-precision industries such as electronics, even a short disruption can trigger a domino effect across the supply chain.

The human factor remains the weakest link

Despite increasing technological complexity, the primary source of risk remains the human factor.

Experience from cybersecurity firms shows that most incidents result from user errors – clicking a malicious link, downloading an infected file, or using unsecured tools.

“The weakest link is always the human. It is not the technology that fails first,” Ozimek explains.

This is why so-called cyber hygiene becomes the foundation of protection: clear procedures, employee training, multi-factor authentication, and strict access control.

Attacks that emerge with delay

One of the more challenging developments is the growing number of ransomware attacks that do not act immediately.

Malware can remain dormant in a system for months before activating and encrypting data.

“It happens that malware is triggered after six months. By then, backups are already infected,” says Ozimek.

In practice, this means that simply creating backups is no longer sufficient. They must be regularly tested and stored across multiple locations.

Data sovereignty under pressure

With the increasing use of cloud solutions, the issue of data sovereignty is also coming to the forefront – where data is stored, who can access it, and which legal framework applies.

“Companies often fail to ask the most basic questions: where their data is physically located, who can access it, and under which jurisdiction it falls,” Ozimek notes.

When relying on global cloud providers, the situation is further complicated by legal frameworks such as the Cloud Act, which allows US authorities to access data held by American companies, regardless of where that data is stored.

New regulations reshape the approach

Rising threats and the growing importance of digital infrastructure are now reflected in legislation. In Poland, regulations stemming from the implementation of the NIS2 Directive are coming into force, imposing concrete cybersecurity obligations on companies.

The new rules will affect tens of thousands of businesses and introduce requirements such as risk identification, the implementation of security procedures, and the appointment of responsible personnel.

Importantly, liability for non-compliance lies directly with company management.

“This is a fundamental shift. Cybersecurity is no longer an IT topic – it becomes the responsibility of the entire organisation,” Ozimek emphasises.

A model replacing in-house teams

For many companies, building in-house cybersecurity teams operating 24/7 remains out of reach – both in terms of cost and the availability of specialists.

As a result, a service-based model is gaining traction, built around external Security Operations Centers (SOC), which monitor infrastructure continuously and respond to incidents in real time.

“Companies are not able to maintain such capabilities on their own. That is why they are increasingly turning to a hybrid model,” Ozimek says.

This approach enables continuous monitoring of anomalies, rapid threat detection, and mitigation before incidents impact operations.

A problem yet to fully surface

Despite the growing number of incidents and new regulations, awareness levels in many organisations remain limited.

Particularly in the manufacturing sector, cybersecurity is still often treated as a secondary issue, even as digitalisation is advancing there the fastest.

As a result, many companies may only face the real consequences of neglect in the coming years – both operational and financial.

Dawid Goljat from EXEA Data Center will speak at the conference accompanying Evertiq Expo Kraków 2026 on May 7. His presentation will address the shift from compliance to resilience – how to build real cybersecurity in the era of uKSC and NIS2. Registration for the event is now open.