Article

Industrial companies are at high risk of a cyberattack

Having an industrial control security program in place is essential

June 15, 2026

Key takeaways

Much critical infrastructure relies on legacy systems that are more susceptible to cyberattacks.

Segmentation between IT and OT environments can help prevent attacker's access to OT systems.

An OT/ICS security assessment can provide insight into the current security posture.

#
Cybersecurity
Cybersecurity consulting Manufacturing Digital evolution Energy

This article has been updated from the original, published on May 31, 2024, to reflect new events, conditions or research.

Cybersecurity in industrial environments has long been a board-level concern, but the threat landscape in 2026 has elevated cyber risk to a core operational issue. Manufacturing and energy companies are particularly exposed as digital transformation accelerates, assets become more interconnected and reliance on third-party providers increases the attack surface.

Across the middle market, cybersecurity is becoming more complex and harder to manage. Nearly 18% of executives surveyed in the RSM US Middle Market Business Index Special Report: Cybersecurity 2026 said their companies experienced a data breach in the previous year. The report details how increased artificial intelligence usage, AI-enhanced threats, ongoing economic pressure and evolving risks are reshaping cybersecurity strategies.

Survey results point to rising concern and investment. Eighty-one percent of survey respondents said they expect to increase cybersecurity spending in the coming year, and 24% experienced at least one ransomware attack or demand in the last year.

For industrial organizations, maintaining resilience against cyberthreats depends on strengthening key foundations as risks continue to evolve. Greater focus on governance, clearer visibility across IT and operational technology environments, and stronger incident preparedness are becoming more critical as attackers target operational disruption and financial impact.

For industrial companies, weak cybersecurity endangers computer programs as well as factory systems and power plants. The outdated infrastructure of many manufacturers also makes them a target, and cyberattacks may hinder production and profitability.
Tauseef Ghazi, partner and national leader of security and privacy, RSM US LLP

Why is the industrial sector at such high risk of destructive cyberattacks?

For decades, our economies and daily lives have depended on operational technology (OT), such as industrial control systems (ICS) or supervisory control and data acquisition (SCADA) systems, for necessities like bringing water, power and gas into our homes; transporting gasoline needed for vehicles; running public transit; and manufacturing consumer products like food, medicine and beverages.

OT was not designed for our digital world, and therefore, much of our critical infrastructure runs on legacy systems that are more susceptible to cyberattacks. Many of these systems don’t have the protective features and capabilities that we’ve come to expect from modern systems (e.g., antivirus software, security patches, passwords, etc.). Operational limitations historically kept such protections from being used. However, the need for real-time information when making business decisions and optimizing performance has required these systems to be connected to our business networks and the internet.

Cyberattacks on these systems now can affect the safety of workers and the public. As a result, our critical infrastructure must not only secure these systems against attacks, but also incorporate operational resilience for continued operations in the event of a successful cyberattack.

What is the potential fallout of a cyberattack affecting OT?

Considering the impact these OT/ICS/SCADA systems have on our daily lives, including many critical infrastructure processes, the availability of these systems, and any other applications they rely on, is essential. Security breaches in the IT environment can create a chain reaction that is harmful to our economy, infrastructure and daily lives.

Here are some possible consequences when OT/ICS/SCADA systems are affected by a cyberattack:

  • Loss of utilities: no water, energy or gas for homes, hospitals and military bases
  • Loss of communications: no cellphones or landlines, no first-responder communications
  • Transportation disruptions: insufficient fuel to supply cars, buses and planes; delays in or loss of automation-dependent public transit (e.g., subways, light rail)
  • Public safety concerns: explosions, contamination of air and water, civil unrest resulting from prolonged loss of utilities
  • Scarcity of consumer products: cleaning supplies, food, medicines, beverages, etc.

Safeguarding against cybersecurity incidents affecting operations

Not all companies need highly complex security programs, but any industrial environment should have an industrial control security program in place. When developing these programs, companies should consider basic elements to protect their systems, detect possible attacks, and respond and recover from an incident.

Reduce the risk of compromise by using or implementing strong security measures like:

  • Multifactor authentication (e.g., one-time PIN, hardware token) for remote access to IT and OT networks
  • Asset mapping to identify critical systems for operational processes to ensure those systems are properly secured
  • Continuous security assessments to evaluate the access and impact of an attacker on the network
  • Spam filtering to prevent phishing emails with malicious files and links from getting to users
  • Security training and phishing testing to support user awareness
  • System security updates to avoid compromises with known vulnerabilities
  • System hardening to disable unnecessary applications and services that attackers commonly use

Reduce the impact of an attack by:

  • Implementing network segmentation between IT and OT environments to prevent attacker access to OT systems, and to allow continued OT operations in case of IT environment compromise
  • Identifying system dependencies and testing manual workarounds to build resilience against technology-induced outages
  • Implementing monitoring and detection mechanisms to be alerted of malicious activity instantly
  • Backing up critical systems and data regularly, testing the backups, and keeping offline and off-site copies

How can RSM help?

RSM has a dedicated team of cybersecurity professionals specializing in OT/ICS/SCADA environments. Our practice leaders have experience in securing companies in the oil and gas, power and utilities, manufacturing, chemical/petrochemical, mining, and communications industries, among others.

We have helped our clients through assessing their current state, designing rightsized OT/ICS/SCADA security programs and architectures with an implementation road map, and implementing these programs and architectures with the technical, strategic and governance-related components.

For companies wondering whether something like this could happen to them and how well they are protected, we offer a rapid OT/ICS security assessment, which includes:

  • OT/ICS architecture evaluation
  • OT/ICS security process discussions
  • OT/ICS vulnerability scanning

Through this analysis, we can help you identify not just the current state of your OT/ICS security program, but ultimately your resilience level against typical attacks.

RSM contributors

Related insights

Related solutions

RSM US MMBI

Cybersecurity special report

Our annual insights into cybersecurity trends, strategies and concerns shape the marketplace for midsize businesses in an increasingly complex risk environment.