Report Warns on Industrial Cybersecurity

The report, based on a survey of 400 senior leaders, reveals a significant "confidence-to-evidence gap" in industrial security. While most organizations express high confidence in their regulatory readiness and session visibility, only 43% maintain full audit trails of vendor sessions, creating major forensic and compliance blind spots. Vendor access is identified as the primary risk multiplier. The likelihood of a security incident rises sharply as the number of third-party vendors increases, with organizations managing 21 to 100 external vendors reporting the highest levels of exposure. The risk is driven less by vendor behavior and more by how client organizations structure and govern that access. Recent real-world attacks highlight the danger of unsecured remote connections. For instance, between November 2023 and January 2024, the Iran-affiliated group "Cyber Av3ngers" compromised multiple U.S. water and manufacturing facilities by exploiting Israeli-made PLCs that were connected to the internet with default factory passwords. The financial stakes of an operational technology (OT) breach are immense. A 2025 report from Dragos and Marsh McLennan estimated that in a severe, once-in-250-years scenario, global financial losses from OT cyber incidents could reach $329.5 billion, with business interruption accounting for $172.4 billion of that total. This growing risk is fueling a rapidly expanding market for security solutions. The industrial secure remote access market is projected to grow from $3.27 billion in 2025 to $6.09 billion by 2030, driven by the need for better monitoring tools and increased regulatory scrutiny. Many industrial firms are hampered by fragmented security tools, relying on a mix of VPNs, OEM tools, and other solutions that create inconsistent oversight and multiple access pathways. In response, the industry is shifting toward unified, OT-specific platforms that enforce Zero Trust principles, such as identity-based, time-bound permissions for all users.