Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

  • Whitepaper
  • OT Security

The state of OT cybersecurity 2024/2025

Metrics and trends globally and locally

Challenges of OT cyber security 2025: Growing attack surface and inadequate strategies in the industry

The OT cybersecurity situation will remain challenging in 2025. Although only a few campaigns directly targeted industrial facilities compared to the total number of cyberattacks, the attack surface continues to grow.

At the same time, many industrial companies are still in the early stages of developing a structured and effective OT cybersecurity strategy. Rhebo has summarized the current developments in OT cybersecurity in its report "The State of OT Cybersecurity 2024/2025 - Metrics and Trends, from global and local” and enhanced it with insights from live projects at industrial companies.

In a nutshell:

  • Globally, OT cybersecurity is becoming more and more essential. Cyber incidents in IT are increasingly affecting physical processes through spillover into OT. Obfuscation tactics, living-off-the-land techniques, zero-day vulnerabilities, stolen access data, and prepositioning are escalating the threat landscape. In 2024, three new OT-enabled malware programs were discovered in a single year. 
  • In the EU, regulation is gaining momentum: NIS2 and the Cyber Resilience Act will require over 400,000 companies to implement cybersecurity measures. However, implementation is slow. Vulnerabilities in supply chains, attacks via remote access, and a lack of transparency regarding the components used are widespread (not only in Europe). 
  • Germany ranks second worldwide in terms of the number of malicious actors targeting the country. Only the US faces a larger number of adversaries. Nevertheless, according to the German Federal Office for Information Security (BSI), only 31% of operators of critical infrastructure in the German utilities sector have met all the “MUST” requirements for an intrusion detection system. 
  • Rhebo has analyzed numerous OT networks as part of its Rhebo Industrial Security Assessments. The results show that fundamental vulnerabilities remain, opening up potential attack surfaces. They also reveal how great the need for visibility and security monitoring of legacy systems is.

The good news is that many companies want to actively improve their OT security.
But getting there requires:

  • Visibility and transparency across systems and communication flows. 
  • Technological understanding of OT-specific risks and vulnerabilities. 
  • Reliable processes for detecting and evaluating security incidents. 
  • Partnership-based support for analysis, monitoring, and training. 

In many cases, it is not so much a lack of will as a lack of clarity about how and where to start. A Rhebo Industrial Security Assessment provides visibility and transparency into OT risks and lays the foundation for an effective OT network intrusion detection system.

Enter your e-mail adress & download the whitepaper as a PDF file

Your contact details

Declaration of consent

I consent to the information I have provided, i.e. surname, first name, company and e-mail address, being transmitted to the company that provided the whitepaper for the purpose of supporting customers and interested parties and for the processing of services offered, regardless of whether it is a company from Germany, the EU or other third countries. The downloading of documents is voluntary and does not take place without further co-operation from the user. The legal basis is Art. 6 para. 1 sentence 1 lit. b EU GDPR. I consent to the processing of my data for the purpose of sending the whitepaper by NürnbergMesse GmbH. Further information on data protection, in particular on exercising the rights of data subjects and on how to contact NürnbergMesse GmbH can be found at https://www.itsa365.de/en/data-protection

close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.