Forescout, a global cybersecurity leader, today released findings from the Global Industrial Cybersecurity Benchmark 2025, an international study conducted by Takepoint Research and sponsored by Forescout, that revealed some stark disconnects. The research found that 44% of industrial organizations claim to have strong real-time cyber visibility, but nearly 60% have low to no confidence in their Operational Technology (OT) and Internet of Things (IoT) threat detection capabilities.
Also Read: The Agentic AI Revolution: Top 5 Must-Have Agents for Telcos in 2025
The Industrial Cybersecurity Benchmark 2025 surveyed 236 operational technology and automation leaders to identify their key challenges, maturity gaps and strategic priorities as risks to industrial organizations rise. Rapid digitalization has increased connectivity across devices, transforming industrial environments — which in turn increases cyber risk. Rising geopolitical tensions further compound these challenges, demanding more nuanced, strategic and integrated security approaches to protect critical assets while maintaining operations.
“Industrial leaders tell us that they’re under intense pressure to modernize operations while still relying on fragmented and outdated security technologies,” said Jonathon Gordon, Directing Analyst at Takepoint Research. “They recognize that incremental fixes aren’t enough — they need a unified security strategy that bridges IT and OT, backed by executive support and driven by automation.”
Key Findings:
- The Top Security Concern is Supply Chain Threats and Cybercriminal Activity:
- 50% of organizations claim these are their top concern, far exceeding concerns about nation-state actors (8%) and zero-day vulnerabilities (9%).
- This reflects a focus on tangible, near-term disruptions, rather than protection against long-term strategic risks that may be harder to detect but equally damaging over time.
- Most Organizations Are in Early Stages of OT Cybersecurity Maturity:
- Only 17% of organizations report mature OT security practices, while 64% classify their maturity as foundational, characterized by manual processes and fragmented visibility and compensating controls.
- An additional 19% identify their cybersecurity maturity as evolving.
- Remediation Timelines Expose Prolonged Risk:
- Over 33% of organizations take more than 90 days to remediate threats
- 63% take over 30 days due to insufficient metrics tracking, industrial maintenance constraints and a lack of automation to streamline response workflows.
- Widespread Tool Sprawl and Fragmentation Remains a Challenge:
- 57% of organizations deploy more than three tools to monitor IT, OT and IoT environments.
- This results in heightened risk from blind spots, alert fatigue, inconsistent insights and increased operational complexity.
- Critical Security Tasks Are Still Highly Manual and Time-Intensive:
- Nearly half of organizations cite vulnerability prioritization (49%) and risk mitigation (44%) as the most laborious tasks.
- This is further exacerbated by challenges with limited staffing and heavy manual workflows.
“Low confidence in OT and IoT threat detection is a warning signal, not just a statistic,” said Christina Hoefer, Vice President of OT/ IoT Vertical and Strategy, Forescout. “For industrial organizations managing complex, high-stakes environments, improving detection means visibility across all devices, monitoring OT networks and strategically investing in security controls that respect operational needs to reduce risks and enable effective incident response.”
Research Methodology
Takepoint Research conducted a global survey of 236 professionals responsible for securing OT environments in manufacturing, energy and utilities, transportation, government, and oil and gas organizations. The research was conducted between January and March 2025.
Also Read: Why Cybersecurity-as-a-Service is the Future for MSPs and SaaS Providers
[To share your insights with us as part of editorial or sponsored content, please write to psen@itechseries.com]
