Industrial security is on shaky ground and leaders need to pay attention

44% of industrial organizations claim to have strong real-time cyber visibility, but nearly 60% have low to no confidence in their OT and IoT threat detection capabilities, according to Forescout.

How confident are you in your OT/IoT threat detection coverage? (Source: Forescout)

Digitalization raises industrial cyber risks

Digitalization has increased connectivity across devices, transforming industrial environments, which in turn increases cyber risk. Rising geopolitical tensions further compound these challenges, demanding more nuanced, strategic and integrated security approaches to protect critical assets while maintaining operations.

“Industrial leaders tell us that they’re under intense pressure to modernize operations while still relying on fragmented and outdated security technologies,” said Jonathon Gordon, Directing Analyst at Takepoint Research. “They recognize that incremental fixes aren’t enough — they need a unified security strategy that bridges IT and OT, backed by executive support and driven by automation.”

Early stages of OT cybersecurity maturity

Most organizations see supply chain risks and cybercriminal activity as their biggest security threats, far more than threats from nation-state actors or zero-day vulnerabilities. This shows a focus on immediate, visible risks rather than harder-to-detect, long-term dangers.

Many organizations are still developing their OT security, with only a small portion having mature practices. Most rely on basic, manual processes with limited visibility and fragmented controls.

63% of organizations take over a month, and sometimes more than three months (over 33%), to fix threats. This results in heightened risk from blind spots, alert fatigue, inconsistent insights and increased operational complexity.

Too many tools and manual work are slowing down security teams

57% of organizations use multiple tools to monitor their IT, OT, and IoT environments. This often leads to blind spots, alert fatigue, inconsistent data, and increased complexity.

Key security activities like prioritizing vulnerabilities and mitigating risks are still very labor-intensive. These tasks are made harder by limited staffing and heavy manual workflows.

“Low confidence in OT and IoT threat detection is a warning signal, not just a statistic,” said Christina Hoefer, VP of OT/ IoT Vertical and Strategy, Forescout. “For industrial organizations managing complex, high-stakes environments, improving detection means visibility across all devices, monitoring OT networks and strategically investing in security controls that respect operational needs to reduce risks and enable effective incident response.”