A new report from Dragos and Marsh McLennan warns that the global financial impact of cyberattacks targeting operational technology OT systems could exceed $329.5 billion in extreme cases OT Cybersecurity Threat . The 2025 OT Security Financial Risk Report combines a decade of insurance claims data with OT incident modeling to deliver one of the most detailed risk assessments to date.
Decade of Cyber Data Shows Escalating OT Cybersecurity Threat
Drawing from one of the largest independent cyber insurance claims databases, Marsh McLennan’s Cyber Risk Intelligence Center analyzed incidents involving OT networks — the industrial control systems that run manufacturing plants, power grids, pipelines, and other critical infrastructure.
The report models three major scenarios:
- Typical-year business interruption (BI) claims after a cyber incident: $12.7 billion in estimated losses.
- All OT-related cyber incidents: $31.1 billion in estimated losses.
- Rare high-impact cyber events (0.4% likelihood per year): Up to $172.4 billion in BI-related losses, with indirect and cascading impacts pushing the total to $329.5 billion.
Around 70% of OT systems -related breaches have indirect consequences, such as forced shutdowns triggered by security concerns, supply chain disruptions, or failures in connected systems. These cascading effects often outweigh the immediate cost of remediation.
OT Cybersecurity Threat Landscape in OT
Manufacturing emerged as the most at-risk sector, with a 0.71% annual probability of a significant OT cyber incident. High-value targets include chemical manufacturing, pharmaceutical production, utilities, oil and gas operations, and building automation systems.
North America and Europe report the highest number of OT cyber incidents, but underreporting remains a challenge in regions with weaker detection and disclosure requirements. Larger organizations — with expansive, complex OT networks — are more frequently targeted due to their visibility and the potential for large-scale disruption.
The report underscores that OT systems are increasingly connected to corporate IT networks, expanding the attack surface. Ransomware, supply chain compromises, and exploitation of insecure remote access are cited as growing OT Cybersecurity Threat vectors.
Data-Backed Cyber Defense Priorities
Using the SANS ICS 5 Critical Controls framework, the study evaluated how specific OT cybersecurity measures can reduce financial exposure. Risk reduction estimates include:
- Incident response planning: 18.46% reduction in potential financial loss.
- Defensible architecture design: 17.09% reduction.
- Continuous network visibility and monitoring: 16.47% reduction.
- Risk-based vulnerability management: 13.87% reduction.
- Secure remote access protocols: 12.18% reduction.
These controls are most effective when implemented in combination, but the percentages provide a guide for prioritizing cybersecurity investments in budget-constrained environments.
From Risk Numbers to Cyber Strategy
The report’s central message is clear: OT cyber risk is quantifiable and actionable. For Chief Information Security Officers (CISOs) and security teams, the recommendations are to:
- Integrate OT incident response planning with operational and engineering teams, running realistic attack simulations to improve readiness.
- Establish continuous OT network monitoring to detect anomalies early, capture forensic evidence, and limit dwell time for intruders.
- Harden OT architecture to minimize the attack surface and prevent lateral movement from IT to OT networks.
Given the potential for cyberattacks to cause widespread operational and economic disruption, the report emphasizes that independent, insurance-backed data offers a powerful tool for securing executive and board-level buy-in for OT cybersecurity programs.
Also Read :- Luxury Under Threat: Louis Vuitton UK Suffers Cyber-Attack Amid Retail Security Crisis
