The industrial sector typically lags far behind the IT industry.
So, it is no surprise that industries such as manufacturing, petroleum refining, utilities, and oil and gas are often lacking in security standards. After all, they have been steadily modernizing their systems, collectively known as operational technologies (OT), over the past decade by adding digital controls.
Now they’re playing catch-up on security.
This challenge first became apparent in 2021 when a cyber attack shut down the Colonial Pipeline in the Eastern USA for six days. It led to fuel shortages, price shocks, and a state of emergency affecting 17 states. The problem was brought into even sharper focus in March of 2026 when pro-Iranian hackers successfully hacked Stryker, a US medical device company.
The worry is that American defense contractors, power stations, and water plants could be the next targets in an effort to weaken resolve for the war effort.
Survey reveals cybersecurity weaknesses
A recent report from Siemens Energy, based on a survey conducted by Ponemon Institute, found the following:
- 77% of respondents report that within the past 12 months, a security compromise resulted in the loss of confidential information or disruption to operations in the OT environment.
- 4% report 10 or more such attacks within the past 12 months.
- 52% say a successful cyber exploit on their organization’s industrial control systems is likely in the next 12 months.
- 16% of cyberattacks on OT detected in the past 12 months required disclosure to regulators or the public.
- When asked to estimate the share of cyberattacks on OT that go undetected, the average response was 41%.
- It takes most organizations more than a month to detect cyber incidents, and an average of seven months to recover.
“Cyberattacks against OT are a significant source of risk,” Leo Simonovich, VP and global head of Industrial Cybersecurity for Siemens Energy, said in the report. “When asked to identify the top cybersecurity threats to critical operations, respondents cite malicious insiders and third-party mistakes, closely followed by denial-of-service attacks, insecure web applications, viruses and other malware.”
Other sources of attack include negligent insiders, insecure endpoints, watering hole attacks, and AI misuse. And in tandem with a trend impacting the business world as a whole, attackers are using third-party applications as a gateway to creating more havoc.
According to the survey, 26% of detected cybersecurity attacks on OT in the past 12 months involved one or more third-party vendors or contractors. Such attacks become all the more serious when you consider that they will typically impact multiple organizations.
Imagine the consequences if a vendor supplying software to all oil refineries, all pipeline operators, or all power plants were compromised. About 46% of survey respondents said it is likely that a successful cyberattack against their company would cause a plant shutdown.
Closing the OT security gap
The good news is that the majority of OT organizations plan to upgrade their security perimeter in the next 12 months.
However, the worry is that by the time they deploy these solutions, attackers will have developed new modes of incursion. The effort devoted to defending against cybercriminals and other malicious actors must be increased if the number of successful OT attacks is to be minimized.
“Organizations in manufacturing, oil and gas, electricity, utilities, and petrochemicals see frequent, often sophisticated, cyberattacks against OT systems,” said Simonovich. “By building awareness, covering common blind spots, and sharing best practices, we can strengthen resilience within these industries.”
Also read: Meta is deploying AI-powered scam detection tools across Facebook, Messenger, and WhatsApp to warn users about suspicious activity before they engage with fraudsters.
