- My favorite Android smartwatch beats Samsung and Google with its multi-day battery life
- CIOはAIイノベーションのために「ビッグ3」クラウドプロバイダー以外にも目を向ける
- Save $1,150 on the Samsung Odyssey Ark and get a 24-inch monitor for free - but hurry
- Amazon has discounted several M4 Mac Mini models (but I don't expect it to last)
- The future of Google Search just rolled out on Labs - and AI Mode changes everything
Over Half of Organizations Report Serious OT Security Incidents
More than half of global organizations have suffered an operational technology (OT) incident over the past 12 months, according to the SANS Institute.
The training and certifications company polled over 180 professionals in energy, IT, government and other critical infrastructure sectors to better understand their OT exposure.
The resulting report, 2025 ICS/OT Cybersecurity Budget: Spending Trends, Challenges, and the Future, revealed that most suffered an incident leading to data loss, unauthorized access, operational disruption or other events. Just 43% indicated no such incident occurred.
A particular concern is that “IT compromise” (58%) was cited as the most common OT attack vector, indicating the converged nature of the two historically siloed functions. Yet despite this, only 27% of budget decisions are led by CISOs.
Read more on OT threats: OT/IoT Malware Surges Tenfold in First Half of the Year
While over half (55%) of respondents reported budgets growing over the past two years, just 9% of professionals dedicate all of their time to OT security, indicating a potentially concerning shortfall in resources dedicated to protecting critical infrastructure.
A plurality (41%) of respondents said they allocate just 0-25% of overall budgets to ICS/OT security.
Responding organizations ranked the following as their top priorities for investment, in the following order:
- ICS/OT defensible network architecture, to enforce robust segmentation and prevent IT compromises breaching over into ICS/OT networks
- ICS-specific incident response to cover both standard ICS assets and specialized engineering devices
- Architectures supporting real-time network visibility and situational awareness
- Removable media and transient device security, to protect engineering laptops and portable tools used for ICS maintenance, as well as ICS network operations
“One of the most concerning findings in the report is that while cybersecurity budgets have increased, much of the investment remains focused only on traditional business support systems such as IT, leaving ICS/OT environments, the business itself, dangerously under-protected. After all, in an ICS organization, the ICS is the business,” argued SANS principal instructor, Dean Parsons.
“Organizations that fail to reevaluate their threats to their ICS environments leave critical infrastructure vulnerable to increasingly sophisticated attacks. Protecting these engineering systems isn’t optional – it’s essential for operational resilience and national security.”
