Industrial Firms Overestimate Remote Security

The financial stakes of a breach in operational technology (OT) are staggering, with potential global losses from severe incidents estimated at up to $329.5 billion in a single year. Business interruption often accounts for the largest portion of these costs, with indirect impacts like production halts and supply chain disruptions frequently exceeding the direct costs of the breach itself. A core challenge is the fundamental difference between IT and OT environments. While IT security prioritizes data confidentiality and can accommodate frequent patching and system reboots, OT systems demand near-constant uptime to control physical processes, making them incompatible with many standard IT security practices. Many industrial control systems (ICS) run on legacy hardware and software that were never designed to be connected to the internet and often lack basic security features like encryption and modern authentication. This, combined with insecure communication protocols like Modbus and DNP3, creates a fertile ground for attackers. Third-party vendors represent a primary vector for cyberattacks. A 2025 survey revealed that 88% of manufacturers grant remote OT access to third parties, with 60% permitting access to over 100 external vendors. High-profile supply chain attacks, such as those targeting SolarWinds and Kaseya, have demonstrated how a single vendor compromise can impact thousands of organizations. Recent manufacturing-specific attacks underscore the real-world consequences. In 2022, a cyberattack forced Toyota to halt operations at 14 of its Japanese factories, resulting in a production loss of roughly 13,000 vehicles. Similarly, a 2023 attack on building materials manufacturer Simpson Manufacturing Company disrupted its business operations and led to a 9.4% decline in its stock price over a single month. The fragmented nature of remote access tools further complicates security. Many organizations use four or more separate remote access tools, often including non-enterprise-grade solutions that lack essential security features like multi-factor authentication or session auditing capabilities. This tool sprawl creates visibility gaps and inconsistent security enforcement. In response to these growing threats, new regulations are intensifying the focus on supply chain security. The European Union's NIS2 Directive, which took full effect in October 2024, mandates that organizations assess and manage the cybersecurity risks associated with their direct suppliers and service providers, making security a shared responsibility.