The manufacturing sector is facing a perfect storm of cyber threats, but Fortinet’s latest 2025 State of Operational Technology and Cybersecurity Report suggests companies are finally taking operational technology (OT) security seriously—and it’s paying off.
Leadership Takes Control
A dramatic shift is happening in corporate boardrooms. More than half of organizations (52%) now place OT cybersecurity directly under their Chief Information Security Officer, a massive jump from just 16% in 2022. This trend shows no signs of slowing, with 80% of companies planning to consolidate OT security under the CISO within the next year.
This executive-level ownership signals that industrial cybersecurity has evolved from a technical afterthought to a board-level priority. The change comes as manufacturing remains the most targeted sector, representing 17% of all cyberattacks in 2024.
Progress Against the Odds
Despite increasing threats, organizations investing in cybersecurity are seeing real results, according to the comprehensive study of over 550 OT professionals worldwide. The most striking finding: companies with zero security intrusions jumped from 6% in 2022 to 52% in 2025. Even more telling, 65% of organizations with the highest security maturity levels reported no incidents, compared to just 46% of less mature companies.
This improvement comes as criminals increasingly target manufacturing operations. Nation-state actors and ransomware groups exploit manufacturers’ need to resume operations quickly, making production facilities lucrative targets for extortion.
The Maturity Advantage
The report reveals a clear correlation between security maturity and incident reduction. Nearly half of organizations (49%) now rate their cybersecurity processes at Level 4—the highest maturity level where security measures are continuously improved through feedback and threat intelligence.
However, solution maturity lags behind process improvements. Most organizations remain at Level 2 maturity for security solutions, having established basic visibility and segmentation but not yet implementing advanced features like predictive behavior analysis or automation.
Aging Infrastructure Challenges
A critical vulnerability remains embedded in manufacturing floors worldwide. Most industrial control systems are at least six years old, with some dating back decades. These legacy systems were designed for isolation, not today’s connected industrial environment where the “air gap” between operational and corporate networks continues to shrink.
Organizations are responding by investing in newer systems—22% of industrial control systems are now less than five years old, up from previous years. For aging equipment that can’t be replaced, companies are turning to virtual patching and compensating controls to maintain security.
Best Practices That Work
The most successful organizations are adopting several key strategies. Network segmentation ranks as the top priority, creating defensive zones between operational and corporate systems. Enhanced visibility follows, helping identify and protect vulnerable assets that can’t be easily patched.
Perhaps most importantly, mature organizations are consolidating vendors to reduce complexity. In 2025, 78% of companies use only one to four OT device vendors, streamlining management and improving security oversight. This platform approach enables centralized threat intelligence and automated responses across integrated systems.
The evidence is clear: while OT cybersecurity threats continue to intensify, organizations that invest in mature security practices, executive oversight, and integrated platforms are successfully defending their critical operations. For manufacturers still treating cybersecurity as an IT problem rather than a business imperative, the window for reactive approaches is rapidly closing.
