Digital Content Editor, Eve Goode speaks exclusively with Steffan Roxrud Thorvaldsen, CEO of Qbee about the rising cyber-threats facing connected manufacturing and industrial infrastructure.
Can you tell me about Qbee’s role within the security industry and about your job role as CEO?
Qbee helps organisations deploy, manage and secure large fleets of connected devices operating in industrial environments, where downtime security failures or lost connectivity are not only a matter of business resilience but public safety.
Qbee is used across sectors including manufacturing, aerospace, smart farming and critical infrastructure, including the UK manufacturing facility LISI Aerospace, a provider of high-tech aircraft components.
As CEO, my role is to lead the strategic direction and growth of the company, while working closely with clients and partners to understand the operational challenges they face as industrial systems become increasingly connected.
A core priority is ensuring Qbee continues to help organisations manage connected infrastructure securely and reliably at scale, without adding unnecessary complexity.
Why are manufacturing and industrial plants increasingly becoming prime targets for geopolitical cyber-attacks?
Manufacturing plants are increasingly becoming exposed to cyber-risks because modern industry now relies heavily on connected systems to keep operations running.
Factories now operate as ‘smart’ environments where everything is connected, from sensors and cameras to robotics and control systems.
This introduces multiple entry points for bad actors and once they’re inside, they can interfere with production lines, halt logistics and cause widespread operational downtime.
As manufacturing is the backbone of global supply chains and economic resilience, disrupting an interconnected major industrial operation can have cascading effects, impacting thousands of businesses and workers far beyond the original target.
In some cases, cyber-attacks can disrupt a nation’s economy, weaken national security and undermine trust in government.
The Jaguar Land Rover incident last year demonstrated the far-reaching impact a singular cyber-attack can have on industrial infrastructure.
The episode brought production to a standstill and rippled across supply chains, impacting thousands of businesses and ultimately cost the UK close to £2 billion.
What specific vulnerabilities do connected IoT devices introduce into industrial environments?
Connected IoT devices can introduce a range of vulnerabilities into industrial environments because they are often deployed at scale with inconsistent security controls.
Common issues include outdated software, weak or default credentials, insecure remote access, poor network segmentation and a lack of visibility over what devices are connected to the network.
Many industrial devices are also deployed for years without regular patching or security monitoring.
Routers, IP cameras, industrial IoT sensors and smart meters typically sit at the edge of networks and can act as gateways into much larger operational networks.
In industrial environments, all it takes is one unsecured connected device to create a backdoor into a wider network.
Once inside, attackers can move laterally through systems, disrupt production lines, interfere with industrial processes or compromise critical operational technology.
In practice, this could mean shutting down safety systems, altering how machinery operates, disrupting critical processes or halting production entirely.
In more severe cases, compromised industrial systems can increase the risk of equipment damage, operational failure, accidents, physical harm or even loss of life.
How can insecure device management platforms increase cyber-risk across multi-site manufacturing operations?
Device management platforms sit at the centre of industrial operations, often connecting thousands of devices across multiple factories, warehouses and remote sites.
If those platforms are not properly secured, they can create highly vulnerable centralised entry points.
A compromised management system can give bad actors visibility and access across entire fleets of connected devices, enabling them to push malicious updates, disrupt operations remotely or move between sites and networks.
In large, interconnected manufacturing environments, a single weak point can quickly escalate into widespread operational disruption across multiple locations.
How exposed are the UK, EU and US industrial facilities to cyber-threats today?
Industrial plants across the UK, EU and US are highly exposed to cyber-threats today due to the rapid growth of connected systems, automation and the increasing convergence of information technology (IT) and operational technology (OT).
Manufacturing has now become the most targeted sector for cyber-attacks globally for five consecutive years, accounting for 27.7% of all cyber-incidents in 2025, according to the IBM X-Force Threat Intelligence Index 2026 report.
As factories become more digitised, attackers are moving beyond traditional IT networks and increasingly targeting industrial control systems and connected operational environments directly.
Simultaneously, threat actors are becoming more sophisticated, using AI-powered tools to automate reconnaissance, identify vulnerable connected devices at scale and craft highly convincing social engineering lures to gain initial access.
Looking ahead, what steps can manufacturers take to better protect themselves and reduce operational technology security risks?
Looking ahead, manufacturers need to treat OT security as a core operational resilience issue rather than just an IT concern.
Organisations need accurate, up-to-date inventories of every connected asset, alongside the ability to monitor, update and secure systems remotely at scale.
Without that visibility, vulnerabilities can easily go unnoticed and unpatched.
Manufacturers should deploy OT-aware monitoring tools capable of detecting suspicious behaviour within industrial environments without disrupting operations, while maintaining rigorous offline backup and recovery protocols to ensure critical systems can be restored quickly in the event of an attack.
As factories become increasingly connected and automated, ensuring strong security across these environments is essential to maintaining the safe and reliable operation of critical infrastructure.
