OT security becomes a board priority for enterprises


Operational technology (OT) can often be a cybersecurity weak spot for enterprises, relying as it does on older hardware and operating systems that are hard to update.
It’s no surprise then that a new report from Fortinet shows there has been a significant increase in the global trend towards corporations planning to integrate cybersecurity under the CISO or other executives.
Medical devices vulnerable to exploits and insecure connections


A new report from Claroty finds that 89 percent of healthcare organizations have medical devices vulnerable to ransomware-linked exploits and insecure internet connectivity.
Based on analysis of more than 2.25 million Internet of Medical Things (IoMT) devices and 647,000-plus OT devices across 351 healthcare organizations, the report finds 99 percent have at least one known exploited vulnerability (KEV) in their networks, while 78 percent of hospitals have OT devices with KEVs, including building management systems, power supplies, and temperature controls.
Over half of organizations experience incidents involving industrial control or operational tech


Over the past year, more than 50 percent of organizations have experienced at least one security incident involving ICS/OT systems. Among the top vulnerabilities exploited are internet-accessible devices (33 percent) and transient devices (27 percent), often used to bypass traditional defenses.
A new report from the SANS Institute, in partnership with OPSWAT, shows that while 55 percent of organizations reported increased ICS/OT cybersecurity budgets over the past two years, much of that investment remains heavily skewed toward technology, with limited focus on operational resilience.
Attacks on manufacturing up but less than half businesses are prepared


A new study from Omdia finds that 80 percent of manufacturing firms experienced a significant increase in overall security incidents or breaches last year, but only 45 percent are adequately prepared in their cybersecurity.
The survey of over 500 technology executives worldwide shows a heightened risk of cyber attacks comes as manufacturers move to leverage IT such as cloud, AI, and Internet of Things (IoT) as part of their digital transformation -- a process defined as Industry 4.0.
Operational tech devices exposed to known vulnerabilities


Analysis of close to one million operational technology (OT) devices by Claroty's Team82 research group finds that 12 percent contain known exploited vulnerabilities (KEVs), and 40 percent of the organizations analyzed have a subset of these assets insecurely connected to the internet.
The report uncovered over 111,000 KEVs in OT devices across manufacturing, logistics and transportation, and natural resources organizations, with 68 percent of these being linked to ransomware groups. The manufacturing industry was found to have the highest number of devices with confirmed KEVs (over 96,000).
Crossing the divide: How IT and OT can work together to secure the future


In cybersecurity, the divide between IT (Information Technology) and OT (Operational Technology) remains a problem that practitioners, vendors, and consultants must navigate daily. The differences between these two mindsets -- one rooted in the world of delivering data and maintaining software, the other firmly planted in the realm of continuous uptime of industrial systems -- can lead to conflicting priorities and misunderstandings. Even as the industry strives to align these domains, this divergence is still evident, as I was reminded just this week.
During my usual morning LinkedIn browsing, I stumbled upon a post featuring the “Top 50 People in ICS/OT Cyber Security You Need to Follow”. At first glance, I panicked. My immediate assumption was that the list featured individuals responsible for securing operational environments -- the unsung heroes safeguarding critical infrastructure around the globe.
Critical infrastructure security incidents up over 600 percent since 2022


Reported security incidents in critical infrastructure worldwide have grown by 668 percent since 2022 according to a new report from Forescout.
There have been 10 percent more incidents for critical infrastructure sectors than in 2023 and more than half of all incidents (57 percent) affected critical infrastructure sectors. Network infrastructure devices (routers, firewalls, VPNs, etc.) are the second largest category and increased from three percent (2022) to 11 percent (2023) and now 14 percent (2024).
Operational tech under attack, deepfake phishing and learning to use passkeys -- cybersecurity predictions for 2025


With a constant power struggle between attackers and defenders cybersecurity is a fast-moving area. That makes it notoriously hard to predict what might happen, but that doesn't stop us trying. Here are what some industry experts think the cybersecurity world has in store for 2025.
Sasha Gohman, VP, research at Cymulate, thinks ransomware will become obsolete. "Ransomware may become obsolete due to the fact that decrypting your important files may become a feasible task with quantum computing. On the other hand, ransomware operators may then choose to encrypt your important files with quantum-resilient encryption."
80 percent of CNI organizations suffer email related breaches


A new survey of IT and security leaders working within critical infrastructure industries reveals that 80 percent of organizations experienced an email-related security breach over the past year, and 63.3 percent of respondents say their email security approach needs to be improved.
The report from infrastructure protection company OPSWAT based on a study by Osterman Research finds that despite advancements in cybersecurity, 48 percent of organizations lack confidence in their existing email security defenses, leaving them vulnerable to potentially devastating cyberattacks.
Remote access tools leave OT systems at risk of attack


Remote access tools are creating cybersecurity risks and operational burdens for operational technology (OT) systems, according to a new report.
The study, from the Claroty Team82 threat research team, using data from more than 50,000 remote-access-enabled devices shows that the volume of remote access tools deployed is excessive, with 55 percent of organizations having four or more and 33 percent having six or more.
The CISO's guide to effective OT security: Overcoming challenges and fostering collaboration


Operational technology (OT) systems have long been common in industries such as manufacturing, utilities, and healthcare. However, as these systems now increasingly integrate with IT networks, they are becoming the responsibility of the Chief Information Security Officer (CISO). As a result, CISOs in these sectors need to secure OT systems alongside traditional IT systems. This added responsibility has significantly increased the demands on security leaders.
Now, to safeguard both IT and OT systems, CISOs must possess the right knowledge and resources. Understanding the complexities of OT systems is necessary for the protection of vital operations and infrastructures, however it can be difficult to separate genuine expertise from sales hype.
Bridging the gap: Aligning OT security with the pace of new-gen technologies


The convergence of IT and OT (Operational Technology) networks has been instrumental in driving operational efficiency and innovation across industries. As businesses are rapidly heading towards Industry 4.0, the benefits of this integration are clear.
However, with digital transformation comes the risks of a constantly expanding threat landscape. The merging of IT and OT environments has amplified the risk of wide-scale disruptions and sophisticated attacks like ransomware, extending from digital to physical infrastructures. These concerns are also evident in the growing demand for OT security, as the market is projected to reach $38.2 billion by 2028.
New platform improves visibility across attack surfaces


There is an increasing level of crossover and connectivity between IT, operational technology (OT) and IoT assets, which raises the risk of cyberattacks originating in IT systems and then spreading into OT environments.
To help businesses address this risk Tenable is launching a new exposure management platform that provides holistic visibility into assets across IT and OT environments.
Increase in third-party access puts OT environments at risk


A new report from Cyolo and the Ponemon Institute reveals that third-party access to operational technology environments is significantly expanding the attack surface.
According to the study, 73 percent permit third-party access to OT environments, with an average of 77 third parties per organization granted such access.
The key threats facing ICS/OT environments


Industrial control system and operational technology environments are becoming increasingly interconnected and complex, offering efficiency and innovation. However, this also exposes organizations to heightened vulnerabilities from relentless cyber threats.
The latest SANS 2023 ICS/OT Cybersecurity Survey, sponsored by critical infrastructure protection specialist OPSWAT, shows the three items of utmost importance for ICS security programs in 2023 have been identified as network visibility, risk assessments, and transient device threat detection.
Recent Headlines
Most Commented Stories
BetaNews, your source for breaking tech news, reviews, and in-depth reporting since 1998.
Regional iGaming Content
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.