Today’s OT security landscape is defined by expanding industrial exposure, active exploitation of network infrastructure, and renewed urgency around resilience in critical infrastructure and manufacturing. While the number of internet-reachable ICS/OT devices may be stabilizing, protocol sprawl, legacy systems, ransomware pressure, and unpatched edge infrastructure continue to widen operational risk.
BitSight Finds ICS/OT Exposure Plateauing, but Industrial Risk Still Expanding
BitSight’s 2026 global ICS/OT exposure report finds that internet-exposed industrial devices have leveled off at roughly 170,000 to 180,000 monthly unique IPs across 15 protocols, but the associated risk continues to grow. The report highlights expanding attack surfaces as modern PLCs support IT-adjacent protocols such as MQTT, HTTP, SSH, and FTP alongside traditional OT protocols, while adoption of secure protocol variants remains limited.
Source: BitSight
Cisco Discloses Seventh SD-WAN Zero-Day Exploited in 2026
Cisco has warned of CVE-2026-20245, an unpatched privilege-escalation zero-day in Cisco Catalyst SD-WAN Manager’s CLI that has been exploited in limited attacks. The vulnerability can allow an authenticated attacker with netadmin privileges to execute arbitrary commands as root, and its relevance is heightened for OT operators because SD-WAN is increasingly used to connect industrial sites.
Source: SecurityWeek
Industrial Cybersecurity Market Projected to Reach $50.12 Billion by 2035
A new SNS Insider report projects the industrial cybersecurity market will grow from $23.81 billion in 2025 to $50.12 billion by 2035, driven by ransomware and nation-state threats targeting OT environments. Energy and power remain the largest segment, while manufacturing is expected to see the fastest growth as Industry 4.0 adoption expands the cyber-physical attack surface.
Source: GlobeNewswire / SNS Insider
OPSWAT and Emerson Partner on OT Patch Management for Power and Water Operators
OPSWAT and Emerson have announced a global strategic reseller agreement to bring OT patch management capabilities to critical infrastructure customers in the power and water sectors. The first initiative integrates OPSWAT’s MetaDefender Endpoint and My OPSWAT Central Management On-Premises into Emerson’s Ovation Automation Platform, which is deployed at more than 800 sites worldwide.
Source: Manufacturing Business Technology
Gartner Highlights Rising Ransomware and CPS Risk in Manufacturing
Gartner’s 2026 manufacturing CIO trends report warns that ransomware attacks against manufacturers surged by 56% to 61% year over year between 2024 and 2025. The report says attackers are increasingly targeting production cyber-physical systems with extortion campaigns that combine operational disruption with intellectual property theft, making segmentation, immutable backups, and incident-response exercises board-level priorities.
Source: Cora Systems / Gartner
As industrial environments become more connected and adversaries sharpen their focus on operational disruption, sustained OT/ICS security vigilance is essential. Asset visibility, secure remote access, patch governance, segmentation, and tested recovery plans remain foundational to protecting safety, uptime, and critical services.
