Industrial Firms 'Overconfident' on Cybersecurity
A new global report finds industrial organizations are significantly overestimating the security of their remote access systems. The "State of Industrial Remote Access 2026" report warns that as operational technology (OT) networks connect more devices, vendor risk and visibility gaps are rising fast, leaving critical infrastructure exposed.
The manufacturing sector has been the most targeted industry for cyberattacks for the fifth consecutive year, accounting for nearly 28% of all incidents in 2025. Attackers most commonly breach manufacturing systems by exploiting public-facing applications, followed by the use of valid accounts and exploiting external remote services. A significant issue is the proliferation of remote access tools within operational technology (OT) environments. One 2024 study found that 55% of OT organizations use four or more remote access tools, and a third have six or more. This "tool sprawl" increases the attack surface and creates security gaps that threat actors can exploit. The "State of Industrial Remote Access 2026" report highlights that the number of external vendors is a primary risk multiplier. Organizations that manage between 21 and 100 external vendors report the highest levels of incident exposure. The risk is less about vendor behavior and more about how companies structure and monitor that external access. Weak credential hygiene remains a foundational problem. In 2025, attackers increasingly bypassed vulnerability exploits in favor of credential abuse and identity-led intrusions. Basic security gaps, such as internet-exposed administrative ports and a lack of multi-factor authentication, are the primary enablers of large-scale breaches. The structure of an organization's remote access environment is the strongest predictor of its security maturity. Organizations using unified, OT-specific platforms report higher session visibility, stronger audit trails, and lower incident exposure compared to those with fragmented systems combining VPNs, OEM tools, and other solutions. There is a clear trend toward Zero Trust security models to mitigate these risks. This approach involves enforcing least-privilege access, where users and vendors are only granted access to the specific systems required for their tasks. This strategy is coupled with the centralization of control over remote access, even while delegating execution to various vendors. The financial consequences of these security lapses are substantial. In 2025, the average ransomware recovery cost for manufacturers, excluding the ransom itself, was approximately $1.3 million. Globally, the cost of cybercrime is projected to grow from $9.22 trillion in 2024 to $13.82 trillion by 2028.
