Smart Factories Expose Critical IoT and Legacy System Gaps, Raising TPRM Concerns
What Happened — In a recent Help Net Security interview, Packsize CSO Troy Rydman highlighted pervasive cybersecurity weaknesses in modern smart‑factory environments. Unpatched IoT sensors, legacy PLCs, and human‑focused social‑engineering vectors are repeatedly overlooked, creating low‑cost footholds for threat actors.
Why It Matters for TPRM —
- Third‑party IoT devices and aging control‑system hardware expand the attack surface of manufacturing supply chains.
- Unmanaged legacy equipment can become a conduit for breaches that cascade to downstream partners and customers.
- Human error and phishing remain the most exploitable entry points, underscoring the need for continuous security awareness across all vendor relationships.
Who Is Affected — Manufacturing, supply‑chain, warehousing, and industrial automation vendors; SaaS and cloud providers that integrate with legacy plant control systems.
Recommended Actions — Conduct an inventory of all IoT and legacy assets within vendor environments, enforce strict patch‑management and network segmentation, and mandate regular security‑awareness training for personnel interacting with third‑party equipment.
Technical Notes — Attack surface growth is driven primarily by insecure IoT devices with default credentials, lack of firmware updates, and insufficient segmentation of legacy PLCs. Human‑focused phishing campaigns exploit the same trust relationships that third‑party vendors rely on for operational continuity. Source: https://www.helpnetsecurity.com/2026/03/16/troy-rydman-packsize-smart-factory-cybersecurity-risks/