
Addressing Rising Cyberthreats on US Critical Infrastructure

Explore how OT converges with IT and learn proactive strategies to safeguard your systems.

As organizations in the U.S. pursue digital transformation and operational efficiency, operational technology (OT) has become both a necessity and a growing vulnerability. Once the domain of heavy industries like manufacturing, energy, and transportation, OT is now embedded in nearly every business environment, from building HVAC systems to inventory tracking and facility security.

Historically isolated from IT systems, OT has evolved rapidly with the integration of supervisory control and data acquisition (SCADA) systems and Internet of Things (IoT) devices, enabling real-time automation and smarter operations. However, this convergence has dramatically expanded the attack surface, leaving critical systems increasingly exposed to cyber intrusions.

A Fortinet 2024 report [1] revealed that 73% of organizations experienced an OT-impacting breach in 2024, up significantly from 49% the year before. As OT and IT continue to converge, especially in smart facilities and infrastructure-heavy industries, the potential fallout from cyber incidents becomes more severe. Yet, in many cases, legacy hardware remains a low priority for cybersecurity investment, making older systems ripe targets for attackers.

The U.S. Risk Landscape: OT + IoT = Opportunity for Attackers

Modern OT environments are rarely siloed. In U.S.-based facilities, these systems are often decades old, yet are now integrated with enterprise IT networks and connected devices to improve efficiency and responsiveness. This integration introduces new cyber risks, creating complex, interdependent systems where a single vulnerability can provide attackers access to critical operations.

Unlike IT systems, OT components often lack the same built-in protections. For example, industrial control systems (ICS) may not support encryption or modern authentication protocols. IoT devices further complicate the picture, with risks such as:

  • Weak authentication: Many IoT devices still use factory default credentials or lack multifactor authentication (MFA).
  • Unsecured communication channels: Sensitive operational data may be transmitted without encryption.
  • Firmware vulnerabilities: Patch management is inconsistent, leaving devices open to known exploits.

In the U.S., the consequences of OT cyberattacks are all too real. The 2021 Colonial Pipeline ransomware attack disrupted fuel supply across the eastern seaboard, highlighting how OT vulnerabilities can lead to national infrastructure crises. State-sponsored cyber actors are increasingly targeting energy grids, transportation systems, and water facilities, often leveraging IoT or third-party gateway vulnerabilities.

U.S.-Relevant Best Practices for Managing OT Risk

To secure increasingly connected OT environments, U.S. organizations should adopt a layered, proactive cybersecurity approach that treats OT systems with the same rigor as IT. Key strategies include:

  • Adopt a risk-based OT cybersecurity program: Prioritize protection for the most critical systems, such as power generation, production lines, and facility safety controls.
  • Apply segmentation: Separate OT, IoT, and IT environments to limit attack spread. Strategic segmentation reduces risk without sacrificing efficiency.
  • Enforce least-privilege access: Limit both human and machine permissions to prevent lateral movement within networks.
  • Require MFA: Especially for remote or administrative access to OT systems and connected devices.
  • Invest in cross-functional training: Many OT teams lack cybersecurity expertise. Regular drills, vulnerability assessments, and simulated breaches can prepare teams for real-world threats.
  • Modernize your incident response plan: Incorporate OT-specific scenarios into red team exercises and disaster recovery planning to help ensure your organization is prepared for blended IT/OT attacks.

A Call for Preparedness in U.S. Business & Infrastructure

As the U.S. continues its digital evolution, the convergence of OT, IT, and IoT presents both opportunity and risk. Businesses can no longer afford to treat OT as an isolated system, especially as cyber attackers grow more sophisticated and emboldened. Whether you’re in manufacturing, logistics, energy, or commercial real estate, now is the time to build OT into your broader cybersecurity strategy.

At Forvis Mazars, we can help U.S. organizations identify and close the cybersecurity gaps in their operational technology environments. Let’s gauge your current OT risk posture and build a future-ready cyber resilience plan. For more insights, read our cyber trends and tips for 2025 and check out our archived webinar. If you have any questions or need assistance, please reach out to one of our cybersecurity professionals.

  • [1] “Fortinet Report: Threat Actors Are Increasingly Targeting OT Organizations,” fortinet.com, June 18, 2024.
