Loading
Magazine | Cybersecurity
Recent ActivityRecent Activity

Top 5 OT Cybersecurity Predictions for 2025

Learn how to strengthen your defenses as manufacturers face increasing threats, risks and attacks across their IT and OT environments.

Share This:

LinkedInLinkedIn
XX
FacebookFacebook
PrintPrint
EmailEmail
Abstract concept of cybersecurity data firewall, encrypted network, VPN, secure access and authentication on blue background.

By Richard Springer, Senior Director, Marketing, OT Solutions, Fortinet

Making predictions is often more art than science. But as I look at what’s happening with operational technology (OT) security, I see a few trends that OT leaders should keep an eye on in 2025. Many of these predictions continue themes that we saw over the past year, particularly in terms of risk. For OT, new threats are always appearing as cybercriminals continue to pivot toward unsecure and high-value targets.

1. Rise in OT Risks

In 2025, geopolitical events will continue to drive targeted attacks on cyber-physical systems and critical infrastructure.

Last year, we saw attacks on satellite networks and manufacturing companies in the United States and Europe. Some were linked to events in the Middle East where attackers went after programmable logic controllers (PLCs) that happened to be produced in Israel, and took down some small water districts.

Even though these events produced minor disturbances, they gave attackers more confidence, because they represented small, easy-to-execute, yet disruptive attacks. These types of attacks also serve to intimidate targets so they worry that their water system might not be safe.

I expect these psychological operations tactics to continue increasing, acting as a chilling reminder that attackers could take larger, more severe actions against infrastructure in the future.

From the Author: The Journal’s Final Issue

The Journal has been a beacon for Rockwell Automation’s global customers and partners for the past 33 years. As a trusted and treasured resource for industry insights, trends and real-world solutions, it helped make the vast world of industrial automation feel like a community. A heartfelt thank you and kudos to everyone at The Journal for consistently delivering excellence to our mailboxes.

— Your Partners at Fortinet   

Unfortunately, the manufacturing sector is full of high-value targets, and so far, it’s largely unregulated in terms of mandates for some cybersecurity controls. The sector is a major target for ransomware because attackers go after targets that are likely to pay. Historically, manufacturing companies have been quick to pay ransoms so they can get their operations back online.

On the positive side, OT security solutions are currently staying ahead of the AI-based attacks increasingly being used by cybercriminals. And the increased recognition of the risks to OT systems has led to budget increases, more focus from industry groups, and more regulations and assistance from governments.

Some sectors may see more enforcement of baseline protection and practices going forward. Unfortunately, those sectors that are seeing more cyberattacks are also likely to see their cybersecurity insurance premiums increase and their coverage shrink.

2. Changes in Patching Approaches

The second trend I’m seeing relates to the patching of OT systems. In addition to PLCs, patching needs to include the networking solutions located in the OT environment, physical security systems, such as cameras and vision systems, and the various other sensors and controllers used in production.

Most OT organizations have outdated legacy devices for which no updates or patches exist, yet the business must maintain production 24/7. In many cases, it simply isn’t feasible to take a system offline for weeks or months to update or maintain it.

Some industries are now also facing regulations requiring patching certain issues or implementing a specific patching strategy. Patching older systems can also lead to compatibility and interoperability issues that can be difficult or impossible to troubleshoot and fix.

In 2025, I predict some OT organizations will take a more holistic approach to patching. Instead of attempting to patch a device that will never have updated firmware or trying to find the budget to rip and replace the equipment, organizations will take a holistic attack surface management approach. This strategy involves segmentation and microsegmentation, OT application inspection, and virtual patching. With this approach, ideally, no action is needed when a new OT device vulnerability is discovered.

Richard Springer, Fortinet.
Podcast
What’s Really Happening with Industrial Cybersecurity & What You Can Learn

Manufacturing is now the #1 target for hackers. In this episode of our “Automation Chat” podcast from The Journal From Rockwell Automation and Our PartnerNetwork magazine, “What’s Really Happening with Industrial Cybersecurity, and What You Can Learn,” Executive Editor Theresa Houck chats with Fortinet’s Richard Springer about a study on unprecedented cybersecurity risks. Learn key takeaways, cybersecurity trends, the role of IT/OT collaboration, and more.

Listen on your favorite podcast app or on the web, or watch their conversation on YouTube.

** Named Best Podcast for 3 Consecutive Years! 2022 - 2024 Apex Awards of Publication Excellence.

Listen Now Watch Now

3. Increase in OT Cloud Adoption

In 2025, we’ll see more cloud-enabled devices within the OT-secured perimeter and more IT cloud and OT dependencies as more companies move from isolated OT systems to integrated environments with industrial IT, cloud and wireless systems.

According to the 2024 SANS ICS/OT Cybersecurity Survey, 26% of organizations now use cloud tech for industrial control systems and OT applications, representing a 15% increase in only one year. Many organizations need simple, scalable, cost-effective, secure remote access for third-party maintenance or secure access to performance monitoring or SaaS cloud-based solutions to enable collaboration across distributed teams.

Across most industries, secure access to cloud-hosted industrial applications is vital. So, extending security beyond the traditional OT perimeter is essential for resilience in modern OT environments. They should be brought together with an OT-converged cybersecurity platform to secure people, processes and technology.

The first step is to secure the OT perimeter with segmentation and create zones and conduits using a firewall that understands industrial protocols. Supporting remote connectivity can then be added using SD-WAN and SASE and by implementing role-based access control with multifactor authentication to ensure only authorized users can access certain systems.

4. More 5G in OT

In 2025, I expect to see the continuing adoption of 5G in OT. On the IT side, the use of cellular technologies has been around for more than a decade, but several factors continue to drive 5G adoption in OT. Reliable connectivity is critical, and there’s a need for broadband in remote areas where cable or fiber simply isn’t available.

Certain OT functions, such as business continuity, require low-latency connectivity, which is a limitation of satellite connectivity. I foresee private 5G increasingly being used as an industrial LAN technology for factory robotics that require low latency, such as automated guided vehicles (AGVs), autonomous mobile robots (AMRs), and other Industrial Internet of Things (IIoT) devices.

Theresa Houck, Executive Editor, The Journal From Rockwell Automation and Our PartnerNetwork magazine
Podcast
8 Key Industrial Automation Trends in 2025

In our award-winning industrial automation podcast, Automation Chat, The Journal’s Executive Editor Theresa Houck reveals 8 key trends in 2025 shaping the future of manufacturing, including AI, edge & cloud computing, connected worker technology, wireless private 5G and more. And she puts them into context for you regarding efficiency, profitability and the skilled worker shortage.

Listen on any podcast app or on the web.

** Named “Best Podcast” for 3 Consecutive Years! 2022-2024 Apex Award of Publication Excellence.

Listen Now

The performance of 5G can overcome the limitations of traditional broadband access in both WAN and LAN applications. I predict private 5G will grow as a Wi-Fi backbone for widespread Wi-Fi deployments at multi-site locations to reduce the amount of cable or fiber breakouts needed. Deploying private 5G with 5G gateways as wireless switches and connecting multiple access points can offer security connectivity for distributed sites and sites that need IIoT connections.

Securing 5G will require overcoming gaps among point products and lack of visibility across the entire extended network. More external modem gateways will emerge over time because they can increase network reliability and network costs and can be deployed more quickly than traditional approaches.

5. Growth of AI in OT Security

In OT environments, AI is used for various purposes, such as:

  • Predictive maintenance.
  • Process optimization.
  • Autonomous operations.

In 2025, I predict that AI will increasingly be used for OT security for anomaly detection, behavioral profiling, vulnerability management, and security automation and orchestration. In addition, cyber-physical security systems will also take advantage of AI for access control systems, video surveillance and intelligent video analytics, environmental monitoring and threat detection, and perimeter security such as cameras, sensors and drones.

The growth in AI-enabled security monitoring will help reduce costs. Still, it will also require new security controls to ensure hackers aren’t able to spoof these physical security systems or inject malware into OT environments. The use of AI will continue to grow for both cyber defense and offense.

OT Security Today and Tomorrow

If there’s one thing we can count on, it’s that OT security will evolve and change. Every day, organizations face new threats, vulnerabilities and risks across their IT and OT environments. It’s important for OT leaders to remain alert to new developments so they can be proactive about improving security and protecting their critical OT assets.

Fortinet is a Rockwell Automation Technology Partner and global cybersecurity solutions provider, with more than half a million customers and 50+ enterprise-grade products. FortiGuard Labs, the company’s threat intelligence and research organization, develops and uses ML and AI technologies to provide protection and actionable threat intelligence. Its FortiGate firewall solution supports digital acceleration, serving as the heart of FortiOS Everywhere, providing deep visibility and security in a variety of form factors, including container firewalls, virtual firewalls and appliances. The Fortinet Security Fabric provides automated protection, detection and response along with consolidated visibility across both Fortinet solutions and more than 500 third-party solutions.

 

 

 

The Journal From Rockwell Automation and Our PartnerNetwork™ is published by Endeavor Business Media.

Topics: The Journal

You may also be interested in

Loading
Loading
Loading
Loading
  1. Chevron LeftChevron Left Rockwell Automation Home Chevron RightChevron Right
  2. Chevron LeftChevron Left Com... Chevron RightChevron Right
  3. Chevron LeftChevron Left News Chevron RightChevron Right
  4. Chevron LeftChevron Left The Journal Chevron RightChevron Right
  5. Chevron LeftChevron Left Top 5 OT Cybersecurity Predictions for 2025 Chevron RightChevron Right
Please update your cookie preferences to continue.
This feature requires cookies to enhance your experience. Please update your preferences to allow for these cookies:
  • Social Media Cookies
  • Functional Cookies
  • Performance Cookies
  • Marketing Cookies
  • All Cookies
You can update your preferences at any time. For more information please see our {0} Privacy Policy
CloseClose