data-driven analysis of real-world vulnerabilities observed in more than 850 production OT networks across all industrial sectors and 6 continents

Download the report

Learn Why Operational Technology (OT) Networks are Soft Targets for Adversaries

Now in its second year, this year’s report is based on traffic captured over the past 12 months from more than 850 industrial operational technology (OT) networks, across six continents and all sectors including energy and utilities, manufacturing, pharmaceuticals, chemicals, and oil & gas.

The data shows that OT networks continue to be soft targets for adversaries, with cybersecurity gaps in key areas such as plain-text passwords (69%), direct connections to the internet (40%), weak anti-virus protections (57%), and WAPs (16%).

But that doesn’t mean nothing can be done. Ruthless prioritization is key. Many problems exist, but not all of them need be solved at once. In this report, CyberX lays out a series of eight steps towards strengthening your OT security posture and protecting your organization’s most essential assets and processes, including:

  • Continuous OT network monitoring to immediately spot attempts to exploit unpatched systems — before attackers can do any damage
  • Automated threat modeling to prioritize mitigating highest-consequence attack vectors
  • Compensating controls such as granular segmentation

Unlike questionnaire-based surveys, CyberX’s report is based on analyzing real-world traffic — making it a more accurate representation of the current state of OT cybersecurity.

Get all the findings and expert recommendations: Download the full report.