Report: Firms Overestimate Remote Access Security

A significant "confidence-to-evidence gap" exists in industrial cybersecurity, where organizations' belief in their security posture outpaces the reality. The "State of Industrial Remote Access 2026" report, based on a global survey of 400 senior leaders, found that while most rated their session visibility as good, full vendor session auditability is rare. Vendor access is a primary risk multiplier in industrial settings. Organizations managing between 21 and 100 external vendors are reported to have the highest levels of risk exposure, especially when session visibility is only partial and credential reviews are infrequent. Compromised vendor credentials and unmanaged cloud connectors provide a trusted pathway for attackers into operational technology (OT) networks. Fragmented remote access tools, including VPNs, OEM-supplied software, and privileged access solutions, create significant visibility gaps. This patchwork of technologies leads to inconsistent oversight and audit trails, undermining security policies. Over 50% of initial access points in OT ransomware campaigns come from third-party vendor tools like VPNs and Remote Desktop Protocol (RDP). A breach in an OT environment carries the risk of physical consequences, unlike typical IT data breaches. Successful attacks on industrial control systems can lead to production shutdowns, equipment damage, and threats to worker safety.