The False Confidence in Industrial Cybersecurity: 60% of Organizations Do Not Reliably Detect OT/IoT Threats

A global study warns of significant gaps in the protection of critical infrastructure despite advancements in digitalization

Digital transformation has strongly impacted factories, energy plants, and transportation systems worldwide. However, as connections increase, so do vulnerabilities. This is revealed in the new report “Industrial Cybersecurity Benchmark 2025” published by Forescout Technologies, which warns of a dangerous disconnect between the perception of security and the operational reality in industrial environments.

The study, conducted in collaboration with Takepoint Research, surveyed 236 leaders in operational technology (OT) and automation worldwide. The most concerning statistic: nearly 60% of organizations admit to having low or no confidence in their ability to detect threats in their OT and IoT systems, despite 44% claiming to have real-time visibility into their cyber environments.

“The low confidence in OT/IoT threat detection is not just a statistic; it’s a wake-up call,” warned Christina Hoefer, Vice President of OT/IoT Strategy at Forescout.

Digitalizing without securing: a ticking time bomb

Industrial modernization brings more sensors, more connectivity, and more data. But it also adds more attack surface for cybercriminals and ransomware groups. Despite this, many organizations remain anchored in basic security practices. Only 17% consider themselves mature in OT cybersecurity, while 64% still operate with manual processes and fragmented visibility.

One of the critical points highlighted in the report is the excess of disconnected tools: 57% of organizations use more than three different platforms to monitor IT, OT, and IoT environments, leading to alert fatigue, blind spots, and high operational complexity.

Bottlenecks prolonging risk

Another alarming finding is the slow response to incidents. More than one-third of organizations take more than 90 days to remediate threats, and 63% take over a month, mainly due to technical limitations, lack of automation, and a shortage of skilled personnel.

The most labor-intensive tasks, such as prioritizing vulnerabilities (49%) or mitigating risks (44%), continue to rely on manual processes, making it difficult to protect critical systems.

Supply chain, the main concern

In the face of sophisticated threats like nation-state attacks or “zero-day” vulnerabilities, most organizations show a more practical and immediate approach. 50% identify the supply chain and organized cybercrime as their top concern, prioritizing tangible disruptions over more strategic risks.

According to Jonathon Gordon, an analyst at Takepoint Research, “industrial leaders are under significant pressure to modernize operations, but they are doing so with outdated and fragmented security technologies. They need a unified, automated strategy backed by leadership.”

Towards a unified and automated strategy

Forescout recommends moving toward a converged security model that breaks the barrier between IT and OT and focuses on comprehensive visibility, active monitoring of OT networks, and intelligent response automation.

The report concludes that while overall maturity is low, there is a growing awareness of the need to evolve from reactive patches to proactive, resilient, and sustainable industrial cybersecurity architectures.


Key figures from Benchmark 2025:

IndicatorResult
Claimed real-time visibility44%
Low or no confidence in OT/IoT detection59%
Organizations with high OT maturity17%
Remediation time exceeding 30 days63%
Different security tools in useMore than 57% use 3 or more
Most manual tasksPrioritize vulnerabilities (49%), mitigate risks (44%)

This study emphasizes that the digitalization of industry cannot be separated from a serious and structured investment in cybersecurity. Without it, modernization becomes a double-edged sword.

Source: forescout

Scroll to Top