Study reveals rising cyber risks for manufacturing firms due to IT/OT systems convergence

A report by Telstra International and Omdia reveals that 75% of cyber incidents affecting manufacturing firms targeted converged IT and operational technology (OT) systems, highlighting significant cyber risks and a lack of preparedness.
Exein partners with MediaTek to enhance chip security across multiple industries.

A recent report by Telstra International and Omdia reveals that converged IT and operational technology (OT) systems were targeted in 75% of cyber incidents affecting manufacturing firms over the past year. The report underscores the significant cyber risks associated with IT/OT convergence and highlights a general lack of preparedness among manufacturers to address these challenges.

Integrating IT systems with OT—programmable systems that interact with industrial equipment—can enhance efficiency in sectors such as manufacturing and energy. However, this convergence also increases the attack surface for cyber threat actors targeting critical industrial systems.

The report indicates that approximately 70% of OT systems in companies across the US, Latin America, and Europe are expected to connect to corporate IT within the next year, rising from the current 50%. Despite this trend, only 19% of surveyed firms are classified as ‘advanced’ in securing their IT/OT systems according to the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).

Moreover, just 45% of manufacturers are well-prepared for IT/OT security across key areas such as security networking, awareness, supply chain risks, and the implementation of a zero trust framework. The report also highlights a lack of clarity regarding responsibility for securing IT/OT environments, with only 20% of respondents identifying Chief Information Security Officers (CISOs) as accountable, followed by Chief Risk Officers (14%) and Chief Technology Officers (13%).

Geraldine Kor, Telstra International’s Head of Global Enterprise Business, emphasised the importance of clearly defining and integrating security responsibilities to ensure effective responses to security challenges in mission-critical systems. She noted that a strong security culture and the right personnel are essential for enhancing overall security readiness.

Overall, 80% of manufacturers reported a notable increase in cybersecurity incidents in the past year, with 31% leading to financial losses and/or operational downtime. The costs associated with incidents affecting resilience or availability ranged from $200,000 to $2 million.

For more information on these topics, visit diplomacy.edu.