OT security needs continuous operations, not one-time fixes

Cyberattacks keep hitting the OT systems that critical infrastructure operators run, according to new research from Forrester. In a survey of 262 OT security decision-makers, 91% reported at least one breach or system failure caused by a cyberattack in the past 18 months. These attacks disrupted essential services, damaged reputations, and created regulatory and financial consequences.

The study highlights the limits of current OT security approaches. While many vendors build products using Secure by Design principles, these controls alone do not protect complex operational environments where different systems and assets must work together. The report calls for a shift to Secure by Operations, a strategy focused on ongoing protection throughout the lifecycle of OT assets.

Why traditional IT security practices fall short in OT environments

The survey found that most organizations lack comprehensive OT cybersecurity strategies. Only 40% of respondents said their company has a strategy covering all interconnected assets and systems. Nearly half are still in the process of developing one, while 13% have none at all. Among those without a formal OT security plan, more than half rely on IT practices that may not align with the performance and safety requirements of industrial systems.

Visibility into OT environments is another major issue. Sixty-four percent of respondents said they do not have visibility across their network of connected OT assets and systems. Seventy-one percent acknowledged that their OT environments are a vulnerable entry point for broader attacks on their organizations’ networks.

This lack of visibility and strategy leads to operational and security challenges. Fewer than half of organizations can monitor OT systems around the clock, restrict access to critical assets, or manage security controls such as patching throughout the asset lifecycle. These gaps create openings for attackers and increase the risk of misconfigurations that could disrupt essential services.

“To close the widening OT cybersecurity gap, organizations must combine internal capabilities with external partnerships that bring specialized, operationally aware expertise,” said Jay Abdallah, President, Cybersecurity Solutions, Schneider Electric.

Moving to Secure by Operations

Secure by Operations builds on Secure by Design by extending cybersecurity beyond initial product development and deployment. It calls for continuous monitoring, secure configuration, and roles among technology providers, system integrators, and asset owners. By maintaining security controls over time, organizations can reduce exposure to threats and improve resilience.

The study found strong support for this approach. Three-quarters of respondents said adopting Secure by Operations principles is important for mitigating future OT cyberattacks. Respondents expect benefits such as faster recovery times, longer asset lifespans, reduced capital costs, and improved compliance.

Building the right capabilities

Implementing Secure by Operations requires resources and expertise. Many organizations are addressing this need by hiring dedicated OT security professionals, training existing staff, and working with managed security service providers (MSSPs). These partnerships can provide monitoring, compliance support, and incident response capabilities that are difficult to build internally.

