Production losses from cyber breaches: Industrial bodies asked to take required steps

ISLAMABAD: A leading cyber security company has warned industrial organizations to take steps to avert production losses as well as reputational and financial damages that can result from possible cyber breaches.

According to a latest study conducted by Kaspersky in collaboration with VDC Research 7% of industrial organizations tackle vulnerabilities only when necessary. This leaves them exposed to unplanned downtime, production losses and the reputational and financial damages that can result from possible cyber breaches.

A study “Securing OT with Purpose-built Solutions” conducted by Kaspersky in collaboration with VDC Research, illuminates the shifting landscape of cybersecurity within the industrial sector. Focusing on key industries such as energy, utilities, manufacturing and transportation, this research surveyed over 250 decision-makers to unveil vital trends and challenges faced in fortifying industrial environments against cyber threats.

Recent survey findings reveal a concerning trend: a significant number of organizations are not engaging in regular penetration testing or vulnerability assessments. Only 27.1% of respondents perform these critical evaluations on a monthly basis, while the majority—48.4%—conduct assessments every few months. Alarmingly, 16.7% do so only once or twice a year, and 7.4% address vulnerabilities solely as needed. This inconsistent approach can leave organizations vulnerable as they navigate an increasingly complex threat landscape.

Every software platform is inherently vulnerable to bugs, insecure code, and other weaknesses that malicious actors can exploit to compromise IT environments. For industrial companies, effective patch management is therefore crucial to mitigate these risks. Disturbingly, many organizations patch their OT (Operational Technology) systems only every few months or even longer, significantly heightening their risk exposure. Specifically, 31.4% apply patches monthly, while 46.9% do so every few months, and 12.4% update only once or twice a year.

These challenges in maintaining effective patch management are exacerbated in OT environments, where limited device visibility, inconsistent vendor patch availability, specialized expertise requirements and regulatory compliance add layers of complexity to the cybersecurity landscape.

A strong cybersecurity strategy begins with complete visibility into an organization’s assets, allowing leaders to understand what assets need protection and assess the highest risk areas. In environments where IT and OT systems converge, this demands more than just a comprehensive asset inventory. Organizations must implement a risk assessment methodology that is aligned with their operational realities, the report of the cybersecurity company added.

Copyright Business Recorder, 2025