In tabletop workouts the corporate performed in 2025, 88% of individuals had bother detecting threats, 94% had issue with containment, and 82% struggled to activate their incident response plans. Throughout real-world engagements, a 3rd of incident response circumstances started not with an alert from a product however with an operator noticing one thing appeared incorrect, and in most of these circumstances, the information wanted to research the incident had by no means been collected.
Dragos additionally discovered that 82% of OT asset homeowners lack outlined standards for when an operational anomaly ought to set off a cybersecurity investigation. On prime of that, 81% of environments assessed had poor IT/OT community segmentation, and 56% of penetration exams discovered that attackers might transfer laterally inside OT networks utilizing respectable system instruments with out being detected.
“We’ve advised our neighborhood, construct an enormous glass home, however the second that perimeter is breached, like, I don’t know, good luck,” Lee stated, noting that roughly 90% of security steerage for OT environments focuses on perimeter protection (“patch, passwords, antivirus, entry controls, safe mode entry”), with lower than 10% addressing detection and response as soon as intruders are contained in the community.
