When cyberattacks halt operations: why OT security is business-critical today 

In scenarios where digital attacks can disrupt real-world processes, OT security is a key issue. Networked production facilities, medical equipment and energy and transport systems are now more vulnerable than ever, and the risks are often hidden. However, steps can be taken to address this. 

February 2026, Text: Andreas Heer, Image: Swisscom, 12 min.

 A single security vulnerability can be all it takes to bring everything to a standstill: systems shut down unexpectedly, control centres lose connection to sensors and production controllers stop responding. What used to be considered a theoretical risk is increasingly becoming a real threat: more and more cyberattacks are now targeting operational technology (OT), i.e. systems that monitor and control physical processes.  

These attacks are often not – or not only – about theft and encryption of data using ransomware, but rather about disrupting or manipulating real-world processes. Production lines, energy supplies and medical devices can be directly affected – with consequences that extend far beyond the digital realm. According to the PAC OT security trend study, even the failure of secondary systems such as passenger lifts in hospitals can lead to dangerous situations. Attacks on OT therefore put both equipment and people at risk.

The new reality of attacks: from IT to the physical world 

IT, OT and IoT connectivity increases the attack surface in all industries. Ransomware and other attacks on critical infrastructure and industry – such as acts of sabotage – are surging and threaten not only value creation, but also human and environmental safety. Healthcare, energy supplies, manufacturing industry and public transport in particular are under pressure due to high availability requirements and strict regulations. 

At the same time, production facilities, supply networks and critical infrastructure components are increasingly networked. This is creating new avenues of attack – via remote access, control systems and IT/OT interfaces. Attackers may use this combination to gain control, encrypt information or deliberately disrupt operating processes. 

Yet OT security is often an organisational and technical blind spot: traditional IT managers are seldom responsible for it, security levels and tooling lag behind IT because of the long lifespan of the equipment, patching is all but impossible due to legacy systems and certifications, and air gap security is proving ineffective in digitalised environments.

One thing is clear: traditional IT security approaches are not sufficient for OT environments, which require specific strategies to ensure the continuous operation and physical security of installations. 

How networked IT and OT environments are changing the system landscape – and how OT security and governance are strengthening cyber resilience. 

The threat status in key sectors 

In industrial production, cyberattacks often result in immediate shutdowns. Production downtime, defective output and delivery delays quickly lead to high costs.  

Typical challenges: 
  • Legacy controls: Outdated systems, missing patches, certification requirements; interruptions for updates are not tolerated. 
  • False sense of security: Misplaced trust in security through obscurity/air gapping; remote access protection is often insufficient. 
  • Opaque OT landscape: Lack of overall visibility of assets, zones, accesses and shadow OT. 

Benefits of OT security:
  • Risk transparency: Transparent, prioritised risk and vulnerability landscape with clear measures that do not disrupt production.
  • Business continuity: Early detection of OT anomalies before production downtime occurs.
  • OT journey: Gradual embedding of security in all OT processes.

Energy and water supply systems are amongst a country’s most critical infrastructure. They are controlled via complex OT networks that have evolved over time and are becoming increasingly digitalised and therefore more vulnerable. Cyberattacks on such systems endanger not only individual plants, but also indirectly the security of supply, for example through power outages. 

Typical challenges: 
  • Legacy controls: Outdated systems, missing patches, certification requirements; interruptions for updates are not tolerated. 
  • False sense of security: Misplaced trust in security through obscurity/air gapping; remote access protection is often insufficient. 
  • Lack of network transparency: Lack of transparency regarding assets, access and network paths; remote access protection is sometimes poor or ‘forgotten’.

Benefits of OT security:
  • Business continuity: Early detection of OT anomalies before supplies are disrupted. 
  • Resilience and compliance: Demonstrable resilience and compliance fitness in respect of the Electricity Supply Ordinance (StromVV), NIS 2 and ICT minimum standards. 
  • OT transparency: Transparent view of all assets, communication channels and accesses – across responsibilities. 

In the transport sector, OT system failure can have a direct impact on timetables, display systems and operational reliability. In addition to traditional cyberattacks, maintenance and third-party systems are also increasingly being targeted.  

Typical challenges: 
  • Legacy OT and data networks: Unpatched control systems that have evolved over time and flat data networks without segmentation increase the operational risk. 
  • Asset and network blind spot: No complete inventory of critical control centre, vehicle and infrastructure systems and associated data networks. 
  • Shortage of resources: Too little OT security know-how and time for monitoring, analysis and secure modernisation of data networks. 

Benefits of OT security:
  • OT and network transparency: Clear view of all critical OT assets and data network communication paths (control centres, signals, depots, vehicles). 
  • Business continuity: Early detection of OT and data network anomalies before services are disrupted. 
  • Operational resilience: Shorter disruption and response times, better on-time performance KPIs and auditable fulfilment of NIS 2/ICT requirements. 

Hospitals, laboratories and health networks rely heavily on the smooth operation of technical systems. Alongside IT, medical devices and sensors are increasingly becoming targets as part of OT.  

Typical challenges: 
  • Unpatchable medical devices: Durable, certified medical devices for which patches are not available or not permitted. 
  • Availability architectures: Architectures historically designed around availability/response.
  • Remote access: Inconsistent protection of remote maintenance access, lack of overall visibility of devices and access paths. 
  • High criticality: Outages with a direct impact on patient care. 

Benefits of OT security:
  • Clinical continuity: Early detection of OT anomalies prevents failures in operating theatres and hospital operations. 
  • Compliance & transparency: Clear risk situation with prioritised, regulatory-compliant measures for a secure clinical OT environment. 
  • Data and device protection: Ensuring data integrity and stable availability of critical medical devices. 

The myth of air gap protection in OT security 

Many companies are still relying on the perceived isolation (‘air gapping’) of their production networks. In reality, however, there are numerous connection points – via remote maintenance, cloud services and data interfaces. An ‘infected’ laptop connected by an on-site technician can also pose a threat. 

Organisations that do not know or document these risks are operating with a dangerous lack of transparency.

This is why transparency is the first step towards resilience. Organisations have to know their OT landscape to effectively manage risks and set the right OT security priorities.
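
Added example (not part of the original article and not Swisscom's tooling): a small Python check that tests an air-gap assumption against observed network flows and an asset inventory, surfacing the kinds of connection points named above (remote maintenance, cloud services, data interfaces, an unregistered laptop). The address ranges, asset names and flow records are constructed assumptions.

```python
import ipaddress

# Constructed zone model (assumption): the OT network believed to be air-gapped.
OT_ZONE = ipaddress.ip_network("10.50.0.0/16")
IT_ZONE = ipaddress.ip_network("10.10.0.0/16")

# Constructed asset inventory: OT addresses the organisation has documented.
KNOWN_OT_ASSETS = {"10.50.1.10": "plc-line1", "10.50.1.20": "hmi-line1",
                   "10.50.2.5": "historian"}

# Constructed flow records (src, dst, dst_port), e.g. from a passive tap or firewall log.
FLOWS = [
    ("10.50.1.20", "10.50.1.10", 502),    # HMI -> PLC, stays inside OT
    ("10.10.4.7", "10.50.1.20", 3389),    # IT workstation -> HMI: remote maintenance
    ("10.50.2.5", "203.0.113.40", 443),   # historian -> internet: cloud service
    ("10.50.2.5", "10.10.8.8", 1433),     # historian -> IT database: data interface
    ("10.50.9.99", "10.50.1.10", 502),    # undocumented OT host, e.g. technician laptop
]

def zone_of(ip):
    """Map an address to OT, IT or EXTERNAL according to the zone model."""
    addr = ipaddress.ip_address(ip)
    if addr in OT_ZONE:
        return "OT"
    if addr in IT_ZONE:
        return "IT"
    return "EXTERNAL"

def audit_air_gap(flows, known_assets):
    """Return (crossings, unknown_hosts) that contradict the isolation assumption."""
    crossings, unknown = [], set()
    for src, dst, port in flows:
        zs, zd = zone_of(src), zone_of(dst)
        # Any OT-side address missing from the inventory is shadow OT.
        for ip, zone in ((src, zs), (dst, zd)):
            if zone == "OT" and ip not in known_assets:
                unknown.add(ip)
        # A flow with exactly one end in OT crosses the supposed air gap.
        if "OT" in (zs, zd) and zs != zd:
            crossings.append((f"{zs}->{zd}", src, dst, port))
    return crossings, sorted(unknown)

if __name__ == "__main__":
    crossings, unknown = audit_air_gap(FLOWS, KNOWN_OT_ASSETS)
    for direction, src, dst, port in crossings:
        print(f"zone crossing {direction}: {src} -> {dst}:{port}")
    for ip in unknown:
        print(f"undocumented OT host: {ip}")
```
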

Operational reliability starts with visibility 

OT security is no longer an option – it is a basic prerequisite for the reliable operation of modern infrastructures. The PAC OT security trend study provides actionable recommendations on how to approach this and to prioritise measures to improve protection. One clear recommendation is to start with the ‘quick wins’ and work gradually towards the desired level of security. 

Organisations that strategically anchor OT security not only gain protection, but also operational stability, regulatory clarity and trust from partners and customers. 
