Physical security risk management for manufacturing
When a line stops, the cost is measured in dollars per minute, and a security event is one of the ways it stops. Holtium brings every plant, warehouse, and yard into one place, puts a dollar figure on the risk at each site, and helps your team decide what to fix first.
If your exposure is loads in motion, carriers, and distribution networks rather than plants, see Holtium for Logistics.
The stakes
lost by Fortune Global 500 companies to unplanned downtime in a year, about 11 percent of revenue. In automotive, one unproductive hour costs about $2.3M.
Siemens, The True Cost of Downtime, 2024.
of annual revenue is what the typical organization loses to occupational fraud, and asset misappropriation, the theft or misuse of the company's own resources, appears in 90 percent of cases.
ACFE, Occupational Fraud 2026: A Report to the Nations.
at first or second place is business interruption's run in the Allianz Risk Barometer before ranking third in 2026. It remains the top operational concern for industrial companies.
Allianz Risk Barometer 2026.
Every plant is different, and you are asked to compare them anyway
One plant was built in the nineties and secured piece by piece ever since. Another opened two years ago with a modern access control stack. A third came in through an acquisition with a guard contract nobody has reviewed. Each one carries a different risk with a different vintage of controls, and your budget has to cover all of them.
Most manufacturing security teams manage this with plant assessments in separate documents, a rating scale that calls everything medium, and spending decisions defended by judgment alone. When the CFO asks why the next dollar goes to one plant and not another, there is no evidence behind the answer. That is the gap this page is about.
Business risk through a physical security lens
Business interruption ranked first or second in the Allianz Risk Barometer for fifteen straight years and sits third in 2026, and for good reason: Siemens puts the cost of one unproductive hour in automotive at about $2.3M.
An intrusion that forces an evacuation, a sabotaged panel, or a blocked gate is one path to that hour, and unlike equipment failure, it is a path your security program is accountable for.
The typical organization loses about 5 percent of annual revenue to occupational fraud, and asset misappropriation appears in 90 percent of cases (ACFE, 2026).
In manufacturing that means raw materials, scrap streams, and finished goods leaving through the same gates your people use, in schemes that run for years because each load looks routine. Copper prices have added market pull: reported thefts targeting US infrastructure nearly doubled from late 2024 to mid-2025 (USTelecom), and the same buyers take cable, stock, and equipment from plants and yards.
The Bureau of Labor Statistics recorded 470 workplace homicides in 2024, and production occupations are consistently among the groups where workplace violence concentrates.
OSHA's general duty clause makes a workplace free from hazards likely to cause death or injury a legal obligation, so each incident carries a safety response cost, and duty of care that cannot be evidenced compounds into legal exposure.
In manufacturing, the competitive advantage often is the process: the line layout, the tooling, the recipe, the pilot plant running next year's product.
A visitor walkthrough, an unescorted contractor, or a phone on the floor can expose what a competitor spent years failing to build, and the loss shows up as market share that never appears on an incident report.
Acquisitions, decades of organic growth, and regional autonomy leave most manufacturers with plants secured to different standards, run by different contracts, and assessed on different scales.
The risk is not any single site. It is that nobody can see which sites are carrying the most exposure, so money flows to the plants that ask loudest rather than the ones that need it most.
workplace homicides recorded in 2024. Production occupations are among the groups where workplace violence concentrates most.
The platform your security team runs the program on, tuned to how manufacturing operates
Holtium brings your risks, controls, locations, and spending into one place, helps your team decide what to do next, and measures it all in dollars so leadership can act on it. A Holtium team works alongside yours, so you get the analysis without building it.
Your risk register covers the risks this industry actually carries: interruption of production, theft of materials and finished goods, violence on the plant floor, exposure of proprietary processes, and the gaps that open when plants are secured to different standards. Build it in the platform, or bring in the one you already have.
Control mapping connects every control you already run, perimeter fencing, badge readers, cameras, guard posts, contractor and visitor management, and scrap handling procedures, to the risks it reduces and the plants it covers, so you can see that the flagship plant is well protected while an acquired site is carrying more exposure than anyone had written down.
The roadmap turns decisions into tasks with owners, budgets, and tracking, and the What-If simulator shows the effect of a decision before you commit a dollar to it, such as hardening a laydown yard versus upgrading access control at a pilot facility, so prioritization across your plants is an evidenced decision rather than an instinct.
A dollar figure your CFO will question, built to survive the questioning
We start with your baseline, the risk each plant would face with nothing but doors, walls, and locks, then subtract what your current controls already prevent. What remains is your exposure today, broken into the losses behind it, such as the production time a stopped line costs, replacing stolen materials, and the safety response an incident on the floor demands.
It is built on recognized standards and loss data, the same quantitative discipline used in cyber, operational risk, and engineering. It begins as a range rather than a false-precise figure and sharpens as we verify your controls, and every figure traces back to what drove it.
Each quarter, leadership gets an executive risk report that reads like finance: where exposure stands across the footprint, what moved it, and what comes next.
Inherent, losses avoided, and residual risk exposure, split into loss types. Manufacturing sample data.
Your plant assessments and control inventories are the input, not wasted work
You share what you already track, in any format: partner provider assessments, spreadsheets, guard post orders, insurance schedules. We map it to your risks and plants for you, and most teams are up and running within weeks. Your job is to review and confirm, not to do the heavy lifting.
Questions manufacturing teams ask
How do you put a dollar figure on security risk across your plants?
We model each risk at each plant and warehouse using recognized standards and loss data, the same quantitative discipline used in cyber, operational risk, and engineering. The figure starts as a range, sharpens as your controls are verified, and always traces back to what drove it, so your team can defend it in front of a CFO or a board.
What does a plant security risk assessment look like across many sites?
You share what you already track and we map it, so the first quantified picture covers your full footprint rather than one pilot plant. Every plant is assessed on the same scale, which is what makes them comparable: you see which sites carry the most exposure in dollars, not which ones scored a three instead of a two on someone's five-point scale.
We already have assessments from a partner provider. Do we start over?
No. Existing assessments are exactly the input the platform wants. We ingest them, map the findings to risks, controls, and plants, and your team reviews and confirms. The work you have paid for becomes the starting picture instead of a drawer of PDFs.
How does this work in a union environment?
Carefully and factually. Holtium assesses sites and controls, not individuals, and nothing in the platform monitors worker behavior. Where a control decision touches represented employees, such as changes to access procedures or contractor policies, the platform gives you the documented risk evidence to bring to that conversation, and the record of what was decided and why.
How does physical security connect to our cyber and OT exposure?
A cloned badge at the gate or an unescorted visitor on the plant floor is a cyber event that starts as a physical one. Holtium prices the physical half: access to control rooms, server rooms, and OT infrastructure is modeled like any other risk, so hardening decisions stand next to every other investment in dollars.
See what your exposure is worth across your plants
You stay in charge of the program. We do the analysis, so you get the evidence without building it.