Dragos
The protection of industrial systems is crucial
In 2025, OT (Operational Technology) cyber security will play a key role in protecting industrial environments and critical infrastructures. Phil Tonkin, Field CTO of Dragos, names key measures for the coming year.
Phil Tonkin, Field CTO of Dragos, warns: "The increasing connectivity brought about by digital transformation is exposing security vulnerabilities in OT systems that were often developed without considering modern threats."
Threats such as the FrostyGoop malware, which put heating systems in Ukraine out of action, or Pipedream, a scalable ICS malware, illustrate the risks. Unlike in IT, where the focus is on protecting data, OT security concentrates on maintaining physical processes and preventing outages.
Strategies for a more resilient future
Companies are increasingly recognizing the need for specialized approaches. Dragos names the following key measures for 2025:
- Develop an incident response plan for ICS:
This plan should include key contacts, staff competencies at each location, escalation guidelines and action steps for different scenarios. The plan can then be refined using tabletop simulations.
- Defensible architectures:
Segmented networks and secure protocols protect OT systems from attack and enable rapid incident recovery, effectively minimizing the attack surface.
- ICS network visibility:
Complete visibility of all devices and activities in OT networks helps to detect anomalies early. Transparency is crucial to close security gaps.
- Secure remote access:
The main focus should be on connections in and out of the OT network and not on internal network traffic, for example with multi-factor authentication (MFA).
- Risk-based vulnerability management:
An effective OT network vulnerability management program ensures timely detection of relevant vulnerabilities, accurate risk assessments and mitigation strategies to minimize exposure while maintaining operations.
Safety as a management task
Tonkin adds: "Cybersecurity is more than just a technical challenge - it requires the active commitment of company management. Those who prioritize OT security will strengthen the resilience of their business and remain competitive." 2025 is expected to be the year in which OT cybersecurity is established as an indispensable standard in the industry. Companies that act early will benefit from increased security, economic stability and a long-term competitive advantage.
You might also be interested in
New Vice President of Global Partner Ecosystem appointed
Effective immediately, John Ryan is the new Vice President of Global Partner Ecosystem at Claroty, a specialist in the security of cyber-physical systems (CPS).
read more...Increasing cyberattacks on the manufacturing sector
A report from Check Point Exposure Management on the threat landscape in the manufacturing industry shows a dramatic increase in ransomware, supply chain attacks and OT-related cyber incidents. As smart factories and connected supply chains become...
read more...Cybersecurity is a top priority for car manufacturers
The latest "Automotive Manufacturing Outlook Survey" from ABB Robotics shows that cyber security has become the most important focus for automotive manufacturers around the world. This indicates a clear change in the perception of digital risks.
read more...Cloud security often inadequate
According to Red Hat's "State of Cloud-native Security" Report 2026, 97% of the companies surveyed with hybrid cloud environments reported security incidents within a year. This is based on data from around 600 IT specialists.
read more...CRA guide for Powerlink checked
TÜV Rheinland has audited the "CRA Guide for Powerlink" from B&R. The guide is one of the first independently audited technical documentations for the implementation of the EU Cyber Resilience Act in automation.
read more...Dragos expands collaboration with Microsoft
Dragos, a global provider of cyber security for OT environments, is expanding its collaboration with Microsoft. The aim is to support companies in modernizing and securing their cyber-physical operating processes.
read more...All for One acquires stake in BrightFlare
All for One acquires a minority stake of 25.1% in the Austrian company BrightFlare. BrightFlare is a cybersecurity services provider for the protection of industrial plants and critical infrastructures.
read more...Check Point Cyber Security Report 2026
More attacks on German companies
The new "Cyber Security Report 2026" from Check Point shows a significant increase in cyberattacks on German organizations by 2025. The education sector is particularly affected and is well above the national average.
read more...Claroty appoints new Chief Revenue Officer
James Love is the new Chief Revenue Officer (CRO) of Claroty, a specialist in the security of cyber-physical systems (CPS).
read more...