CFOtech US - Technology news for CFOs & financial decision-makers
United States
Industrial factory hospital server room cybersecurity shield
#
Ransomware
#
Network Security
#
Phishing

Industrial manufacturing tops Digitain cyber risk ranking

Wed, 29th Apr 2026 (Today)
Author image
By Shannon Williams, News Editor

Digitain has published a study ranking industrial manufacturing as the industry most exposed to cybercrime. Healthcare and information technology followed on its cyber risk index.

The analysis combines weekly attack volumes, annual growth in attacks, breach counts, breach costs, phishing susceptibility and ransomware rates into a Cyber Risk Score from 1 to 99. Industrial manufacturing scored 99, followed by healthcare and medical on 96, information technology on 92, financial services on 89 and software on 87.

Factories stood out for the scale and breadth of the threat. Industrial manufacturers face 1,567 cyber attacks a week worldwide, up 19% year on year, alongside an estimated 1,607 data breaches annually, more than any other sector in the ranking.

Ransomware was a particular concern in manufacturing. Digitain estimated that 20.7% of organisations in the sector face ransomware incidents, with attacks disrupting production before payments are demanded. The average breach cost was put at USD $5 million.

Healthcare ranked second but carried the highest financial toll when attackers break through. Average breach costs in healthcare and medical were estimated at USD $7.42 million, the highest of any industry in the top 10, while attacks reached 2,365 a week and employee phishing susceptibility was 53.6%.

That was also the highest phishing figure in the table. More than half of healthcare workers fall for phishing scams, leaving hospitals and clinics exposed as attacks on the sector continue to rise.

Information technology ranked third and recorded one of the fastest increases in hostile activity. Weekly attacks were put at 1,148, up 36% year on year, with estimated annual breach counts of 1,039 and average breach costs of USD $4.79 million.

Financial services placed fourth, with 1,735 weekly attacks and 927 estimated breaches a year. Average breach costs in the sector were put at USD $5.56 million, while 44.7% of staff were described as phish-prone and 6.5% of incidents involved ransomware.

Software rounded out the top five. Digitain estimated 1,834 weekly attacks on software businesses, a 35% annual increase, alongside 720 breaches a year, average breach costs of USD $4.79 million, a phishing susceptibility rate of 41% and a ransomware rate of 7%.

Below the top five were wholesale and distribution, business services, energy and utilities, consumer goods and services, and biotech and pharmaceuticals. Energy and utilities recorded the sharpest year-on-year growth in weekly cyber attacks at 37%, although its overall cyber risk score of 80 left it eighth in the table.

Some sectors showed a different balance of risks. Wholesale and distribution recorded a 3% annual decline in weekly attacks, yet still ranked sixth because of relatively high phishing susceptibility at 47% and a ransomware rate of 12.6%.

The figures suggest attackers are not concentrating on a single type of target. Instead, cyber risk is spreading across sectors that hold sensitive data, run critical systems, manage payments or rely on large workforces that can be exploited through email fraud.

Manufacturing appears especially exposed because cyber incidents can have immediate operational effects. A ransomware attack on a plant can halt production lines, disrupt deliveries and increase pressure to restore systems quickly, making the sector attractive to criminal groups seeking payment.

Healthcare presents a different profile. While ransomware rates were lower than in manufacturing, the combination of costly recoveries, high attack volumes and strong phishing vulnerability suggests staff awareness remains a central issue for hospitals and clinics.

Technology businesses also feature prominently despite their familiarity with digital security tools. Information technology and software both ranked in the top five, indicating that companies involved in building and supplying technology are also frequent targets and that technical expertise does not remove exposure to routine attack methods such as phishing.

A cybersecurity expert from Digitain said staff behaviour remains a decisive factor in many incidents. "Teaching employees basic cyber hygiene has become critical for every company. Even hospitals need to train their staff, and while you wouldn't expect medical workers to be tech experts, they're handling personal information that's basically the new gold now. With AI now automating these attacks, hackers can send thousands of convincing fake messages in minutes, which massively increases the risk. One employee mistake opens the door to your entire system."

Related stories
AI PC adoption moves from pilots to workplace rollout
Ant International launches mobile AI payment protocol
Bitget says 460,000 users adopted its AI trading tools
Forrester says physical AI will drive next breakthrough
Agiloft launches free Astra AI for contract analysis

Top stories

Banks struggle to move AI pilots beyond test stage
Backbase named Forrester leader & customer favourite
CFOs to gain margin points by backing AI strategically
Temenos named Forrester leader in digital banking tech
NUVA Digital raises USD $5.2 million for Web3 asset platform