Manufacturers Urged to Fortify Design Data: Experts Warn of Global Leak Risks

Manufacturing leaders are sounding a warning: design data for U.S. electronics manufacturers is being shared worldwide without adequate controls. MacroFab CEO Misha Govshteyn told EE Times that many customers lack clear data policies, making their IP vulnerable to leaks from unencrypted emails and CAD files sent to unverified partners.

Industry 4.0 has turned factories into data hubs, generating petabytes of process information that can expose trade secrets if they fall into the wrong hands. Govshteyn, with 25 years of experience in cybersecurity, privacy and compliance, argues that most manufacturers—and many cybersecurity experts—underestimate how far their data travels, especially to hostile nation‑states.

DoD’s Cybersecurity Mandate

The U.S. Department of Defense is tightening security for contractors through the Cybersecurity Maturity Model Certification (CMMC), which protects federal contract and controlled unclassified information. About 20‑30% of the 400,000 U.S. manufacturers earn revenue from defense contracts, and the DoD is now embedding CMMC requirements directly into contracts for 2024 and beyond.

Padraic O’Reilly, co‑founder of CyberSaint, emphasizes that companies must have a CMMC report ready to secure federal work. He also lists basic safeguards—two‑factor authentication, encrypted email, network segmentation, backups, mobile device management, and an incident‑response plan—that form the foundation of cyber risk management.

Real‑World Consequences

BitLyft CEO Jason Miller recounts a military general’s frustration: the enemy replicated U.S. technology after a design theft from a DoD supplier, highlighting the stakes of data exposure. Miller stresses that “set‑and‑forget” solutions are ineffective; continuous monitoring and proactive threat detection are essential.

Misplaced Trust in Legacy Formats

Legacy file types like Gerber are often cited as safeguards, yet they can actually impede collaboration and slow manufacturing. Oren Manor of Siemens Opcenter notes that even revealing a single PCB from a 100‑board missile design offers insufficient context for reverse engineering, but the protection mindset hinders efficient workflows.

Cloud vs. On‑Premises Storage

Some firms dismiss cloud storage as insecure, citing “zero‑cloud” policies. However, leading cloud providers maintain rigorous security, and the industry’s shift toward traceability and sustainability—driven by circular‑economy goals—will force greater data sharing across supply chains.

Senior VP of Global Operations at Flex, Glen Tan, argues that traceability requirements will unlock data exchange, enabling Industry 4.0 to deliver real value.

In summary, safeguarding manufacturing design data demands a layered strategy: robust cybersecurity controls, compliance with DoD mandates, and a culture that balances protection with operational agility.

References

• EE Times interview with Misha Govshteyn (2026)
• CMMC Overview – Department of Defense (2024)
• CyberSaint – O’Reilly’s insights (2026)
• BitLyft – Miller’s briefing (2026)
• Siemens Opcenter – Oren Manor (2026)
• Flex – Glen Tan (2026)