Skip to content

MES and Cyber security



Cyber security is more than just a buzzword today - it is an inescapable necessity for protection in the modern industrial landscape. For manufacturing companies, digital transformation has proven to be a double-edged sword. On the one hand, it offers immense opportunities to increase efficiency and automation. On the other hand, it has brought with it a multitude of risks and threats that have the potential to paralyze entire operations.

In our article on MES and cyber security, we aim to examine the critical importance of cyber security in Manufacturing Execution Systems (MES ). In particular, we look at the different aspects of traditional on-premises MES architectures and modern cloud-native MES products.

In light of recent incidents and their severe impact on the manufacturing industry, we will shed light on how companies can protect their critical infrastructures.

Comparing these two approaches will not only provide insight into their respective security features and risks, but also practical insights into how companies can strengthen their defense strategies against the ever-evolving cyber threats.

Cyber attacks in the manufacturing industry

In recent years, cyber attacks in the manufacturing sector have increased significantly, with attackers' tactics becoming increasingly sophisticated. From ransomware that shuts down entire production lines to sophisticated phishing attacks that target highly sensitive company data, the threats are real and costly.

Costs of a cyber security incident

The costs of a cyber security incident can vary significantly depending on the severity of the incident and the size of the organization affected. Direct and indirect costs include:

  • Recovery and repair: costs of restoring compromised systems and data.
  • Legal costs: Costs for legal disputes that could result from the incident.
  • Penalties and fines: Potential penalties associated with data breaches.
  • Loss of reputation: Long-term damage to the brand and customer trust.
  • Business interruption: Losses due to business interruptions and delays.

In 2023, the global cost of cybercrime is estimated to reach over 6 trillion US dollars, double the amount since 2015. These alarming figures underline the growing threat that cyber attacks pose to companies of all sizes and industries.

Especially in manufacturing companies, which are increasingly digitizing, the risks and potential damage from such attacks are particularly high. Reports show that almost 40% of industrial companies have been victims of cyber-attacks in recent years, with the average cost of a single security incident estimated at over 5 million US dollars.

These statistics highlight not only the financial losses associated with cyber-attacks, but also the long-term impact on business confidence, customer relationships and market position. In this context, cyber security becomes not only a technical necessity, but a central part of strategic business management, especially when it comes to the implementation and management of Manufacturing Execution Systems (MES).


Part I: On-premises MES solutions


1. Definition and general features of on-premises MES

An on-premises manufacturing execution system (M ES) is a software solution that is installed locally on the servers and computers of a manufacturing company. These systems are designed to monitor and control all aspects of production processes - from raw materials and production planning to quality assurance and delivery. On-premises MES give companies full control over their data and processes, but at the cost of maintaining and managing their own IT infrastructure.

2. Responsibilities for operation

  • Installation and maintenance of hardware
    Companies must procure, install and maintain the necessary hardware, which requires a high initial investment and ongoing costs for hardware updates.

  • Updating and managing the software
    Software updates remain the responsibility of the company, including patch management and ensuring that all systems are up to date.

  • Ensuring data integrity and availability
    On-premises solutions require robust backup and disaster recovery strategies to prevent data loss in the event of hardware failure or cyber-attacks.

3. security aspects

  • Physical security measures
    Physical access to the server rooms must be strictly controlled to prevent unauthorized access. This includes security locks, surveillance cameras and access control systems.

  • Network security and access control
    Network security measures such as firewalls, intrusion detection systems (IDS) and regular security audits are crucial to protect the network from external and internal threats. System-level access control must also be strictly regulated to ensure that only authorized personnel have access to sensitive data and control functions.

  • Security risks and common security threats
    On-premises systems are vulnerable to a variety of threats, including malware, ransomware, phishing and more. The lack of external monitoring and the need to manage security measures internally increases the risk.

  • Measures to prevent and respond to security incidents
    It is critical that organizations have a pre-defined incident response plan that is activated immediately when a security incident is detected. This should include regular security training for employees to educate them on the latest cyber threat tactics and how to recognize and report them.

While on-premises MES solutions offer a high level of control and customizability, they require significant investment in physical and network security measures as well as ongoing system maintenance.

Companies need to weigh these costs and efforts against the benefits of having complete control over their systems and develop a comprehensive security strategy to protect against the increasing number and complexity of cyber threats.


Part II: Cloud-native MES based on Microsoft Azure


1 . Definition and characteristics of cloud-native MES

Cloud-native MES solutions use the scalability and flexibility of the cloud infrastructure to meet the requirements of modern manufacturing processes. These systems are deployed and managed directly over the internet, eliminating the need to maintain your own physical servers and infrastructure. Microsoft Azure provides a robust platform that not only ensures high availability and scalability, but also integrates advanced security features.

2. Responsibilities for operation

  • Role of Microsoft Azure in hosting and operations
    Azure takes care of all hardware maintenance, scaling resources as required and ensuring high availability of services.

  • Automated updates and patch management by Microsoft
    Software and security patches are updated automatically by Microsoft, which takes the burden off companies' IT departments and helps to close security gaps quickly.

  • Scalability and flexibility of cloud resources
    Companies can easily adapt their MES capacities to changing requirements without having to invest in new hardware.

3. security aspects

  • Overview of the security features provided by Microsoft
    Microsoft Azure offers a variety of security tools and services, such as Azure Security Center, Azure Firewall and Azure Identity and Access Management, which enable comprehensive security monitoring and management.

  • Data encryption, both in transit and at rest
    Azure encrypts all data in transit and at rest, significantly improving data protection.

  • Identity and access management through Azure Active Directory
    Azure AD provides advanced identity management services, including Multi-Factor Authentication and Conditional Access Policies, which ensure that only authorized users have access to the systems.

  • Compliance and certifications relevant to industry standards
    Microsoft Azure complies with a wide range of international and industry-specific compliance standards, providing additional confidence in the security of the platform.

Cloud-native MES solutions based on Microsoft Azure offer an attractive alternative to on-premises systems, especially for companies that want agile and easily scalable solutions without having to carry the burden and cost of their own IT infrastructure.

By outsourcing most operational and security management tasks to Microsoft, companies can focus more on their core business. These solutions not only reduce total cost of ownership, but also improve security posture by leveraging advanced security technologies and compliance standards provided by Microsoft.


Part III: Comparative analysis


1. Operating model comparison


  • On-premises: Substantial initial investment is required for hardware and software. There are also ongoing costs for maintenance, updates and energy consumption.
  • Cloud-native: Costs are typically based on a subscription model that scales with usage. Less capital expenditure upfront and potentially lower total cost of ownership by outsourcing IT management.

Operational complexity and expertise required

  • On-premises: Requires extensive IT expertise within the company for installation, maintenance and security of systems
  • Cloud-native: Most of the technical complexity is handled by Microsoft Azure, which reduces the need for in-house IT expertise.

Responsiveness to technological changes and threats

  • On-premises: The company itself is responsible for implementing new technologies and security updates, which can lead to delays.
  • Cloud-native: Rapid integration of new features and security patches by the cloud provider, enabling agile adaptation to new technologies and threats.

2. Security comparison

Evaluation of the security levels

  • On-premises: High level of security possible, but heavily dependent on the company's resources and expertise. The risk of human error remains a challenge.
  • Cloud-native: Generally high security standards by the cloud provider, underpinned by constant updates and advanced security technologies.

Analysis of dependency on external vs. internal resources

  • On-premises: Complete dependency on internal resources and capacities to ensure security and operation
  • Cloud-native: Dependence on the security and availability of the cloud provider's services, which can be both an advantage and a risk, especially in the event of service outages or data breaches.

Discussion of data protection aspects in both models

  • On-premises: Potentially greater control over data protection as all data is stored locally
  • Cloud-native: Requires trust in the cloud provider in terms of compliance with data protection laws and standards, but also provides access to advanced security and compliance tools.

The choice between an on-premises and cloud-native MES should be made based on a thorough assessment of an organization's specific needs and resources. While on-premises solutions (theoretically) offer organizations maximum control, cloud-native solutions allow for greater flexibility and cost control, as well as access to the latest technologies and security measures.

At a time when cyber threats are constantly growing and becoming more complex, opting for a cloud-based system could help many organizations improve their security while working more efficiently.


In a world increasingly dependent on digital technology, the right choice of Manufacturing Execution System (MES) is critical to the competitiveness and security of a manufacturing business. As we have seen, each model - on-premises and cloud-native - offers specific benefits and challenges. However, the analysis has shown that the cloud-native MES solution in particular, based on Microsoft Azure, offers a decisive advantage in many aspects.

First, the cloud-native solution minimizes the operational costs and complexity associated with owning and maintaining in-house IT infrastructures. Companies benefit from the cost structure of a subscription model that enables scalability without the need for large upfront capital investments. This leads to a more efficient use of resources and allows companies to focus on their core competencies instead of spending valuable resources on IT infrastructure maintenance.

Secondly, Microsoft Azure's cloud-native platform provides a comprehensive security architecture that is constantly updated and strengthened by Microsoft's extensive investment in cyber security. This model not only ensures high data security through advanced encryption technologies and comprehensive access controls, but also provides robust compliance with global data protection standards that are critical for manufacturing companies.

Thirdly, the agility that cloud-native systems offer is essential in today's fast-moving business world. Companies can respond quickly to market changes, seamlessly expand or reduce capacity and benefit from the latest innovations without the need for time-consuming and costly upgrades to their systems.

While on-premises MES is a solid option for certain organizations that have specific requirements or want full control over their systems, the cloud-native MES solution based on Microsoft Azure appears to be the future-proof choice.

It offers a combination of flexibility, cost control and world-class security that makes it particularly attractive to manufacturing companies looking for efficient, scalable and secure production solutions. At a time when cyber threats are a constant and growing challenge, choosing a cloud-native MES is a strategic decision that will not only help companies improve their current security posture, but also ensure a sustainable future in the digital world.

In addition to MES, ERP (Enterprise Resource Planning) systems also play a central role in digital transformation and make a decisive contribution to the integration and optimization of operational processes.


MES - further information

Discover more exciting articles on the topic of Manufacturing Execution Systems (MES) below:

In addition, MES plays an important role in production control, lean production, continuous improvement, Kaizen, Six Sigma and store floor management in recognizing the potential for improvement in production. MES products enable efficient communication and coordination directly at the production level (operational excellence), which is essential for the identification and rapid resolution of problems.


MES - how you can get started today

SYMESTIC is one of the world's leading providers of cloud-native MES systems. Book a 4-week evaluation without obligation and see for yourself how quickly, easily and cost-effectively you can get started with Software-as-a-Service (SaaS).

Harness the power of the most innovative manufacturing software to make your production more efficient tomorrow and strengthen your IT security!

Start working with SYMESTIC today to boost your productivity, efficiency, and quality!
Contact us
Symestic Ninja