Manufacturers and critical infrastructure operators are elevating operational technology (OT) security from a back-office IT concern to a board-level strategic imperative. The shift is driven by escalating cyber incidents, converging regulatory mandates, and a rapidly expanding attack surface created by IT/OT convergence.
Background
The manufacturing sector was the top target for cyberattacks in 2023-2024, accounting for 25.7% of all cyber incidents, with ransomware involved in 71% of those attacks. The risk has intensified as industrial environments grow more connected. In 2024, 49% of affected businesses saw attacks span both their IT and OT systems; by 2025, that figure had risen to 60%.
Regulatory frameworks on both sides of the Atlantic are tightening in parallel. In 2025, OT security regulations are reshaping cybersecurity requirements across energy grids, manufacturing, and critical infrastructure, with organizations required to navigate both U.S. and EU standards-from zero-trust mandates for operational technology to the EU Cyber Resilience Act. CISA's Cyber Performance Goals (CPGs) focus on enhancing OT network segmentation, enforcing zero-trust principles, and strengthening supply chain security.
The U.S. Department of Defense (DoD) formalized the shift in November 2025. The Pentagon published guidance detailing how organizations should apply zero-trust cybersecurity principles to OT systems, outlining 105 zero-trust activities and capability outcomes for OT environments-including 84 activities designated as minimum "target levels" and 21 for "advanced levels" of zero trust.
Details
The global OT security market is estimated at $27.03 billion in 2025 and is projected to reach $122.22 billion by 2034, growing at a CAGR of 18.25%, according to Precedence Research. By vertical, the manufacturing segment is projected to grow at the fastest CAGR between 2025 and 2034.
Investment in vendor solutions is accelerating across the industry. Honeywell's 2025 Cybersecurity Threat Report revealed that ransomware attacks against industrial operators increased 46% from late 2024 to early 2025. In response, major automation vendors have moved to expand their OT-specific security portfolios. In October 2025, Siemens announced SINEC Secure Connect, a zero-trust security platform designed to secure industrial networks and OT environments. Rockwell Automation's "State of Smart Manufacturing Cybersecurity Report" found that 61% of cybersecurity professionals plan to adopt AI to manage industrial cyber risks. In November 2025, the company introduced SecureOT, an industrial cybersecurity solution suite focused on end-to-end OT visibility and risk prioritization.
At the M&A level, ServiceNow entered into an agreement to acquire Armis for approximately $7.75 billion in cash, a deal intended to expand security workflow capabilities across IT, OT, and medical devices.
Architectural strategy is shifting as well. Traditional frameworks such as the Purdue Model were developed more than 30 years ago and were never designed for hyper-connected factories. They lack prescriptive guidance and interoperability for hybrid IT/OT convergence, remote vendor access, real-time analytics, and modern identity frameworks. As the DoD guidance noted, "the core principles of zero trust - data protection, strong authentication, network segmentation, and threat monitoring - apply to OT, but their implementation and deployment timescales require careful consideration of OT-specific constraints and priorities." In practice, aggressive inline zero-trust enforcement in OT environments can disrupt operations or create safety concerns. Instead, OT environments benefit from a risk-based verification strategy that may include out-of-band enforcement.
Organizations with more mature OT security frameworks are experiencing fewer severe incidents than in 2024, with the proportion of attacks causing operational outages dropping from 52% to 42% among those with mature OT security systems in place.
Outlook
Supply chain security has emerged as a critical concern, with organizations implementing stronger controls over third-party network access. Pentagon components are expected to reach target levels of zero trust for their IT systems by the end of fiscal 2027, while the department intends to publish an updated Zero Trust Strategy in early 2026 and develop additional guidance for both weapon systems and defense critical infrastructure. For manufacturers, the convergence of regulatory timelines and expanding threat surfaces means that governance, talent development, and cross-functional IT/OT incident response coordination are shifting from program investments to operational necessities.
