Welcome to the Daily OT Security News briefing for June 17, 2026. Here we cover the latest developments and insights to keep operational technology, ICS, and IoT security professionals informed and prepared.
CISA Issues Five ICS Advisories for Rockwell Automation Products
On June 16, 2026, CISA released five ICS advisories (ICSA-26-167-01 through ICSA-26-167-05) detailing critical vulnerabilities in several widely deployed Rockwell Automation products, including FactoryTalk Analytics PavilionX, RSLinx, Logix Controllers, CompactLogix, and FLEX I/O EtherNet/IP Adapters. The flaws range from missing authorization issues (CVSS v3 score 7.0) to denial-of-service conditions exploitable via the Common Industrial Protocol (CIP). CISA urges organizations to minimize network exposure, isolate control systems behind firewalls, and apply vendor patches immediately.
Source: CISA ICS Advisories on Rockwell Automation Products
White House Issues NSPM-12 to Overhaul Cybersecurity Governance for National Security Systems
The White House has released National Security Presidential Memorandum 12 (NSPM-12), introducing a comprehensive cybersecurity governance framework for National Security Systems (NSS) across military, intelligence, and classified federal infrastructure. NSPM-12 re-establishes the Committee on National Security Systems (CNSS) and designates the NSA as the National Manager for NSS cybersecurity, granting it expanded powers to issue emergency directives, assess security postures, and coordinate cyber defense. Agencies are mandated to update incident reporting policies within 60 days and complete cloud security configuration reviews within 120 days.
Source: Industrial Cyber News on NSPM-12
Forescout Joins OT-ISAC to Strengthen Global Threat Intelligence Sharing for Critical Infrastructure
Forescout Technologies announced its official membership in the Operational Technology Information Sharing and Analysis Center (OT-ISAC), a global community focused on securing OT and ICS environments through collaborative defense. Forescout will contribute threat intelligence from its Vedere Labs research team and collaborate with industry leaders in energy, manufacturing, and healthcare sectors. This step complements Forescout’s existing participation in other ISACs, reinforcing the critical role of cross-sector intelligence sharing in enhancing critical infrastructure resilience.
Source: Industrial Cyber News on Forescout Joining OT-ISAC
Arctic Wolf Report: One in Three IT Assets Missing Critical Security Controls
Arctic Wolf’s State of the Cybersecurity Attack Surface report, published June 17, 2026, reveals that 33% of IT assets are missing at least one critical security control or are misconfigured, based on an analysis of over 800,000 assets. Key findings highlight that 19% of assets run on end-of-life hardware or software, 17% remain invisible to vulnerability management tools, and 10% lack endpoint security altogether. The report also notes that 65% of non-BEC incident responses involve abuse of internet-facing remote access services, with all top exploited vulnerabilities having patches available at the time of exploitation.
Source: KBI Media on Arctic Wolf Report
Legacy OT Systems Face Escalating Cyber Threats as IT/OT Convergence Expands Attack Surface
A recent analysis by ESET’s WeLiveSecurity highlights the growing cybersecurity challenges facing legacy OT systems within manufacturing and critical infrastructure. According to SANS Institute data, nearly 60% of OT attacks originate from compromises in corporate IT environments. Ransomware groups are increasingly developing OT-specific capabilities, recognizing that disrupting physical processes yields higher ransom demands. The report stresses that asset visibility is fundamental to OT risk management and warns against the “self-established obsolescence” where legacy systems remain unpatched to avoid operational disruptions.
Source: WeLiveSecurity Analysis on Legacy OT Threats
Thank you for reading today’s briefing. Stay vigilant and informed as we continue to monitor the evolving landscape of OT and ICS cybersecurity.
