Industrial Firms Overestimate Cybersecurity, Report Finds

The "State of Industrial Remote Access 2026" report surveyed 400 senior leaders in manufacturing and critical infrastructure, revealing a significant "confidence-to-evidence gap" where perceived security doesn't match reality. While most organizations rated their visibility and regulatory readiness as high, the underlying data on vendor oversight and credential discipline showed significant weaknesses. Third-party vendors represent a primary risk multiplier in industrial settings. Organizations that manage between 21 and 100 external vendors report the highest levels of incident exposure. The risk is concentrated where visibility into vendor sessions is only partial and reviews of their credentials are not frequent. This vulnerability is a major concern as supply chain cyberattacks have been increasing in frequency and severity. A fragmented approach to remote access tooling quietly undermines security. Many organizations rely on a mix of VPNs, tools supplied by original equipment manufacturers (OEMs), and other privileged access solutions. This creates inconsistent audit trails and redundant access pathways, eroding the visibility that security teams believe they have. The move toward unified and identity-centric remote access platforms is accelerating due to both operational and regulatory pressures. Organizations using dedicated platforms for their Operational Technology (OT) environments report higher session visibility, more complete audit trails, and lower incident exposure. This consolidation is less about replacing every tool and more about governing all access through a single control layer. Securing industrial environments presents unique challenges compared to traditional IT. Operational Technology (OT) systems, which manage physical processes, prioritize availability and safety, meaning security measures cannot disrupt production or create physical risks. These systems often have lifespans of 15-20 years, cannot be easily patched, and may be incompatible with standard IT security tools. Cyberattacks on critical infrastructure can have devastating real-world consequences, including power outages, manipulation of water treatment facilities, and fuel pipeline disruptions. Past incidents, like the ransomware attack that shut down the Colonial Pipeline, demonstrate the vulnerability of these essential services to remote exploitation. The interconnected nature of this infrastructure means a breach in one sector can cascade, impacting public safety and economic stability.