Security news aggregator

Latest coverage for Operational Technology

Operational Technology controls physical processes, so cyber risks can disrupt safety, reliability, and availability across connected industrial systems.

147 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Operational technology (OT) comprises hardware and software that monitor and control physical processes—such as PLCs, RTUs, HMIs, SCADA, and DCS—in manufacturing, utilities, transport, and buildings. Its assets include controllers, sensors, actuators, engineering workstations, and the networks linking them. OT depends on precise timing, reliable communications, and safe states; outages or incorrect commands can stop production or affect physical safety, even when little sensitive data is involved.

Security concerns arise where OT connects to enterprise networks, vendor remote-access paths, or internet-facing services. Legacy protocols and long-lived devices may lack authentication, encryption, logging, or practical patching options. A compromise could alter setpoints, inhibit alarms, or disrupt availability, but impact depends on process design and safeguards. Defenders typically segment control networks, restrict and monitor remote access, maintain asset and dependency inventories, use passive monitoring where active scanning is risky, and test recovery and safe manual operation. Vulnerability management must account for maintenance windows, vendor support, and safety validation rather than treating every patch like IT.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 147 Filtered view

National Risk Assessment Cites CrowdStrike Lessons Learned, Hybrid Warfare RisksThe British government's latest national security risk register sees a rising threat posed by cyberattacks disrupting operational technology in more critical national infrastructure sectors, and cites the CrowdStrike outage in "digital resilience failure" lessons to be learned.

Bank Info Security 4 weeks, 1 day ago

Accenture Buys Majority Stake in Dragos in $4.2B Deal

Deal Combines Dragos OT Threat Detection With runZero, NetRiseAccenture is acquiring a majority stake in Dragos and full ownership of runZero and NetRise in a $4.2 billion deal to build an end-to-end OT cybersecurity platform for power grids, water systems, manufacturing plants and other critical infrastructure operators.

Vital Service Providers Need a Plan to Work Through Internet Outages, CISA SaysCritical U.S. infrastructure like water, power and even banking systems will be successfully hacked by enemy cyber warriors in the event of a military confrontation with a peer adversary like Russia or China, officials from the nation's civilian cyber defense agency said.

OT Operators Shouldn't Wait for Mythos Access to Probe CodebasesThe abrupt, government-ordered cut-off of access to Mythos 5, the most cyber-capable of Anthropic's large language models, has underlined a message security experts have been trying to get out to the operational technology community: You don't need Mythos.

More OT Companies Ushered Into Project GlasswingAnthropic has finally lifted the velvet rope and allowed a small handful of operational technology companies to join Project Glasswing, its invitation-only club whose members get access to Mythos, the most cyber-capable of the frontier lab's large language models.

Bank Info Security 1 month, 1 week ago

Data Center OT Flaws Could Help Hackers Kill Power and AC

Claroty Warns of Downtime, 'Devastating' Impact of Vulnerabilities in OT SystemsVulnerabilities in backup power devices and heating and cooling control systems widely used in data centers could enable remote cyberattacks and result in costly downtime and "devastating" operational impact, according to new research from OT security firm Claroty.

Bank Info Security 1 month, 1 week ago

CISA Urges OT Operators to Plan for Worst Case Scenarios

Does No Internet Also Mean No Water or Lights?The latest initiative from the U.S. cyber defense agency aimed at operational technology operators is a little bit different. It's not advice about how to keep hackers out. It's not really about cybersecurity at all. CI Fortify is about what to do when cybersecurity fails.

Bank Info Security 1 month, 2 weeks ago

Dragos Expands Into Connected Devices With Phosphorus Buy

OT Firm Looks to Secure IoT, Industrial and Medical DevicesDragos, one of the first OT cybersecurity companies, announced Monday it acquired Phosphorus, the IoT security and management player, a move analysts said was designed to catch Dragos up with its competitors and expand its offerings to cover the quickly growing IoT sector.

Bank Info Security 1 month, 4 weeks ago

New CEO Joe Diamond Pushes Axonius Beyond Asset Management

Axonius Wants Enterprises to Spot Assets and Automate Remediation From One PlatformNew Axonius CEO Joe Diamond said the New York-based company is evolving from asset management to asset intelligence by combining visibility, contextual correlation and automated remediation across IT, IoT, OT and emerging AI agent environments. Diamond takes over from founding CEO Dean Sysman.

AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."

Bank Info Security 2 months, 2 weeks ago

Cybersecurity Experts Unimpressed With CISA OT Guidance

Zero Trust Is 'Essential' - But Who Pays for It?New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts.

Bank Info Security 2 months, 2 weeks ago

OT Cybersecurity Frozen Out by Frontier Labs

Exclusion of OT From AI-Powered Vulnerability Discovery Poses Risks to National SecurityHyperscalers and IT behemoths are on the list, while OT companies are not. The list in question includes the companies that have special access to powerful new models from the two major U.S. frontier AI labs to identify vulnerabilities before hackers get access to similar technology.

Bank Info Security 2 months, 3 weeks ago

Maritime Cybersecurity Rules Make Waves

New Rules Will Jolt Maritime Cybersecurity Market Amid Geopolitical AnxietyA Coast Guard rule imposing standards on operational technology systems in ports and larger U.S.-flagged commercial vessels is poised to supercharge the maritime cybersecurity market - a boon granted by concern that shipping is a weak target for a world roiled by mounting geopolitical tensions.

Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking PointIn this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York state cybersecurity rules are driving real resilience or simply compliance, and why operational technology security is fast becoming a critical frontline concern.

'We've Yet to Find Any Mission That Can Work Without Power or Water'The Air Force is the first, and so far only, American military service to have an office dedicated to OT cybersecurity, blazing a path other services should follow, according to officials and industry observers. These are systems without which the United States can't go to war.

Forescout's Rik Ferguson on AI-Driven Vulnerability Risks and Visibility GapsAnthropic's Claude Mythos marks a shift in AI-driven vulnerability discovery, but the bigger challenge facing defenders is how to respond. Faster exploit development is exposing gaps in asset visibility, patching and security operations across IT and OT environments, said Forescout's Rik Ferguson.

Bank Info Security 3 months, 1 week ago

Simplify Your Approach to Securing OT Networks

Why OT Security Comes Down to Risk Tolerance, Not Perfect DefenseSecuring OT networks isn't about eliminating risk. It's about managing it strategically. Learn how a three-pillar framework of risk assessment, tolerance and acceptance, paired with a phased approach to microsegmentation, can turn an overwhelming challenge into a manageable journey.

CISA: Iran-Linked Groups Actively Exploiting OT Exposure Risks, PLC ProgrammersFederal agencies are warning that Iranian-linked actors have begun actively exploiting internet-facing PLCs and misconfigured OT systems across U.S. critical infrastructure, enabling network access, lateral movement and potential disruption amid rising geopolitical tensions.

Bank Info Security 3 months, 2 weeks ago

The Open Back Door: Industrial Remote Access

Why Remote Access to Industrial Operations Is the Biggest Unmanaged RiskRemote access has become one of the largest unmanaged attack surfaces in industrial operations. Legacy VPNs and jump servers expose OT environments to serious risk. Learn how Cisco Cyber Vision's Secure Equipment Access can secure vendor and engineer access while protecting critical infrastructure.

Loading more headlines...