Today’s OT security landscape is marked by critical vulnerabilities actively exploited in the wild, a notable shift toward disruptive attacks on industrial environments, and growing concerns over workforce skill shortages impacting security posture. Organizations must prioritize patching, automation, and comprehensive visibility to mitigate escalating risks.
Key Takeaways
- Immediately apply patches for Fortinet FortiClientEMS zero-day vulnerability (CVE-2026-35616) before the April 9 deadline.
- Leverage the CISA Known Exploited Vulnerabilities catalog to prioritize remediation efforts across OT and IT assets.
- Prepare for a rising wave of active and ransomware attacks targeting critical OT sectors by enhancing detection and response capabilities.
- Address OT cybersecurity skills gaps by automating routine security tasks such as patch management and credential rotation.
- Implement network segmentation and restrict remote access for ICS products with known vulnerabilities pending patch availability.
Fortinet Issues Emergency Patch for Actively Exploited FortiClientEMS Zero-Day (CVE-2026-35616)
Fortinet has released an urgent patch for a critical SQL injection vulnerability in FortiClientEMS that is currently being exploited by attackers. This flaw allows unauthenticated remote code execution on affected servers, posing a severe risk to organizations using this endpoint management system. Security teams must deploy the patch immediately to prevent compromise, as CISA has set a strict remediation deadline of April 9, 2026.
Source: Dark Reading
CISA Adds CVE-2026-35616 to Known Exploited Vulnerabilities Catalog
The Cybersecurity and Infrastructure Security Agency (CISA) has formally included the Fortinet FortiClientEMS vulnerability CVE-2026-35616 in its Known Exploited Vulnerabilities catalog. This action mandates that federal agencies and critical infrastructure operators apply the patch by April 9, 2026, underscoring the flaw’s severity. Security teams across all sectors should use the KEV catalog as a prioritization tool to manage vulnerability remediation effectively.
Source: CISA
Dragos 2026 OT/ICS Cybersecurity Report: Adversaries Shift to Active Attack Posture
The latest Dragos report highlights a disturbing trend of threat actors transitioning from reconnaissance to active, disruptive attacks in OT and ICS environments. Ransomware incidents have increased by 23%, with manufacturing, electric utilities, and oil and gas sectors most heavily targeted. The report warns that IT-OT network convergence is broadening the industrial attack surface, necessitating enhanced security strategies.
Source: ARC Advisory Group
SANS 2026 OT/ICS Cybersecurity Survey: Skills Gaps Now Causing Measurable Breaches
The SANS Institute survey reveals that OT cybersecurity skills shortages are directly contributing to measurable breaches, with 41% of respondents reporting incidents linked to insufficient staffing or expertise. The report advocates for automating routine security tasks—such as patch management, credential rotation, and compliance monitoring—to compensate for workforce gaps and reduce risk.
Source: Industrial Cyber
CISA Releases ICS Advisories for Siemens, Hitachi Energy, and Yokogawa Products
CISA has issued multiple advisories detailing critical and high-severity vulnerabilities in ICS products from Siemens, Hitachi Energy, and Yokogawa. These vulnerabilities include authentication bypass, improper input validation, and remote code execution across SCADA, DCS, and building automation systems. Organizations should apply vendor patches promptly, implement network segmentation, and restrict remote access where patches are not yet available to mitigate risk.
Source: CISA ICS Advisories
Viakoo in the News
The following articles published this week mention Viakoo or quote Viakoo team members:
Siemens and Viakoo Collaborate — Security Buyer Magazine
Security Buyer Magazine covered the strategic agreement between Siemens Smart Infrastructure and Viakoo to deliver the Viakoo Action Platform™ to Siemens customers. The article includes a quote from Bud Broomhead, CEO and Founder of Viakoo:
“We are thrilled to join forces with Siemens, a global technology leader committed to innovation and excellence. This collaboration allows us to extend the reach of the Viakoo Action Platform, helping more enterprises secure their IoT and OT environments, automate critical cyber hygiene tasks, and ensure continuous compliance. Together, we will empower organizations to unlock the full potential of their connected devices without compromising security.”
Source: Security Buyer Magazine
Siemens Adds Viakoo Platform for OT and IoT Security — Engineering.com
Engineering.com reported on the Siemens-Viakoo agreement, noting that the Viakoo Action Platform provides automated firmware updates, certificate management (802.1x), password enforcement, and compliance tracking for organizations managing large, distributed OT and IoT device fleets. The platform’s vendor-agnostic, agentless approach supports multi-vendor environments and reduces manual effort for security teams.
Source: Engineering.com
