Industrial Firms 'Overconfident' on Security

The recent "State of Industrial Remote Access 2026" report by Secomea highlights a significant disparity between the perceived and actual security postures of industrial organizations. While many companies express confidence in their control over remote access to industrial systems, the data reveals widespread security gaps. These gaps are often created by the use of multiple, fragmented remote access tools from various vendors, leading to inconsistent security and incomplete audit trails. The reliance on third-party vendors for maintenance and support is a primary driver for remote access in industrial environments. However, this dependency introduces substantial risks, as external vendors are not always subject to the same stringent security policies as internal employees. This can lead to issues like poor password hygiene and the use of unmanaged devices, which can compromise the security of operational technology (OT) systems. In fact, 41% of major cyber incidents in the manufacturing sector originate from third parties. Ransomware attacks are a growing threat, with a notable shift in their impact from solely IT environments to both IT and OT systems. In 2023, 37% of ransomware attacks on industrial organizations affected both IT and OT environments, a 10% increase from 2021. Of the companies targeted by ransomware in the past year, 69% paid the ransom. These incidents can have severe consequences, including operational downtime, equipment damage, and physical safety hazards. The increasing integration of IT and OT systems, while offering efficiency benefits, expands the potential attack surface for cybercriminals. Many industrial control systems were initially designed without cybersecurity in mind, making them vulnerable to modern threats. High-profile incidents, such as the attempt to manipulate chemical levels at a Florida water treatment facility in 2021, serve as stark reminders of the potential real-world consequences of these vulnerabilities. In response to these escalating threats, regulatory frameworks are becoming more stringent. The EU's Network and Information Systems Directive 2 (NIS2) now mandates that manufacturers implement robust cybersecurity measures for both IT and OT systems. This includes requirements for comprehensive risk management, incident response, and supply chain security, holding senior management personally accountable for non-compliance. A significant challenge for many organizations is the proliferation of remote access tools within their OT environments. A recent analysis found that 55% of industrial organizations use four or more remote access tools, with some using as many as 16. Many of these tools lack essential enterprise-grade security features like multi-factor authentication and session recording, creating significant security gaps. The convergence of IT and OT governance under a single leader, such as a Chief Information Security Officer (CISO), is a recommended best practice for strengthening security. Additionally, there is a clear trend towards consolidating remote access into unified, OT-specific platforms. This approach centralizes visibility, standardizes controls, and improves the governance of third-party vendor access.