The study found that 84% of manufacturing organizations experienced at least one API-related security incident in the past 12 months.
Key takeaways
API incidents are becoming a recurring risk to manufacturing operations. Manufacturing organizations are no longer dealing with API-related security incidents as isolated events. The data points to a pattern of recurring disruption, with 25% of manufacturing organizations experiencing more than five incidents within the span of 12 months.
Limited visibility into sensitive data is making API risk harder to prioritize. While 73% of manufacturing organizations report having a full API inventory, only 18% have both a complete inventory and visibility into which APIs return sensitive data.
Security investment is increasing, but execution gaps persist across the API lifecycle. Manufacturing organizations are placing greater emphasis on API security as connected systems, AI adoption, and compliance expectations increase pressure on security teams.
Frequently Asked Questions (FAQ)
While 73% of manufacturing organizations report having an API inventory, only 18% possess both a complete inventory and deep visibility into which APIs return sensitive data.
The top cited business impacts include loss of productivity (37%), downtime or outages (33%), and a loss of customer goodwill and churned accounts (31%).
Attacks involving APIs linked to AI technologies, such as applications, agents, and large language models (LLMs), are the most common, reported by 44% of organizations.
Only 10% of manufacturing organizations fully integrate security testing across their API lifecycle and CI/CD pipelines.
The study revealed that 36% of respondents stated their API security incidents involved the exploitation of unmanaged, shadow, or zombie APIs.
The data reflects insights from 305 manufacturing security professionals who were evenly split across C-level executive, AppSec, and DevSecOps roles.