Regulatory Uncertainty in OT Security Due to Third-Party Risk
Critical infrastructure providers are facing increased cybersecurity challenges stemming from third-party risks, which are driving regulatory uncertainty in the operational technology (OT) sector. According to a global survey by Claroty, 69% of cybersecurity professionals claim to closely follow existing cybersecurity standards, yet 76% anticipate that new regulations will force them to significantly overhaul their current security strategies. This disconnect highlights confusion and concern about the direction and impact of forthcoming regulatory requirements for cyber-physical systems.
The survey, which included 1,100 cybersecurity professionals, revealed that nearly half of organizations with cyber-physical systems experienced breaches in the past year due to third-party access. Additionally, 54% of respondents reported finding security gaps or weaknesses in vendor contracts after an incident had occurred. These findings underscore the urgent need for improved third-party risk management and clearer regulatory guidance to protect critical infrastructure from evolving threats.
Get ahead of threats like this
Mallory correlates global threat intelligence with your attack surface — know if you’re exposed before adversaries strike.
How this story unfolded
1 event from the most recent confirmed update back to the earliest known activity.
Story first reported
Initial story creation
Sources
2 references tracked. Mallory keeps watching after this page renders.
See the full picture, correlated to your attack surface.
Map indicators from this story to your assets and identify affected systems in minutes.
Every observed campaign, victim, and pivot linked to actors named in this story.
Malware, exploits, and IOCs connected to the activity described here.
YARA, Sigma, and Snort rules deployed to your SIEM as soon as they’re published.
Get matching new stories delivered to your team as they break — not the next morning.
Ask questions about this story and take action on the answers.
Related stories
Other stories Mallory is tracking that overlap on entities, sources, or topic labels.
Geopolitical Risks Elevate Threats to Cyber-Physical Systems and OT Supply Chains
Claroty researchers have warned that global conflicts, civil unrest, and tariff wars are significantly increasing the risks facing cyber-physical systems, particularly those underpinning critical infrastructure and operational technology (OT). According to the Global State of CPS Security 2025 report, attackers are expected to exploit vulnerabilities introduced by disrupted supply chains, with predictions that at least one major cyber-physical breach will occur within the next year. The instability in sourcing, manufacturing, and delivery of hardware and software components—driven by geopolitical tensions—has forced organizations to rely on new or less-vetted vendors, heightening the risk of unknown vulnerabilities in OT, building management, and healthcare systems. Experts emphasize that changes in supply chain geography and sourcing, often resulting from trade restrictions and sanctions, can undermine the integrity and security of critical systems. The report, based on a global survey of 1,100 cybersecurity professionals, highlights the urgent need for organizations to reassess their risk management strategies and strengthen supply chain security to mitigate the evolving threat landscape. The convergence of geopolitical instability and fragile supply chains is creating new opportunities for cyber adversaries to target essential infrastructure worldwide.
Mar 21, 2026
Enterprise Risk from Unmanaged and Diverse xIoT and OT Devices
Enterprises are increasingly exposed to cybersecurity risks due to the proliferation of unmanaged and diverse extended Internet of Things (xIoT) and operational technology (OT) devices within their networks. Research analyzing over 10 million devices across 700 organizations found that two-thirds of networked devices are not traditional IT assets, but rather include network gear, OT, IoT, and medical equipment. Common high-risk device types such as VoIP phones, IP cameras, point-of-sale systems, and uninterruptible power supplies are often widespread yet remain unmanaged, creating significant security blind spots. The diversity of device functions, vendors, and operating system versions further complicates risk management, making it challenging for security teams to identify, patch, and mitigate vulnerabilities effectively. Manufacturers, in particular, face heightened OT security challenges due to legacy technology, lack of asset visibility, and the growing number of access points resulting from mergers and acquisitions. The complexity of managing access permissions, especially with multiple users sharing admin accounts, increases the difficulty of incident response and overall security posture. Despite increased awareness of these risks, the combination of device diversity, legacy systems, and human factors continues to present substantial obstacles to securing enterprise and manufacturing environments against cyber threats.
Mar 21, 2026
Western Cyber Agencies Release Secure Connectivity Principles for Operational Technology
CISA, the UK **NCSC**, and multiple international partners released **Secure Connectivity Principles for Operational Technology (OT)** guidance aimed at reducing risk created by increased connectivity into industrial environments (e.g., industrial control systems, sensors, and other critical services). The guidance is positioned for operators of essential services facing business and regulatory pressure to enable remote monitoring and management, and it emphasizes that formerly *air-gapped* OT is now more exposed due to expanded remote access and IT/OT convergence. The guidance highlights that insecure or exposed OT connectivity is being targeted by a broad range of adversaries, including **ransomware groups**, **state-backed actors**, and **pro-Russia hacktivists** conducting opportunistic attacks against global critical infrastructure. Recommended defensive themes include **network segmentation**, **strong authentication**, continuous monitoring, and minimizing remote access paths to prevent disruptive incidents with potential real-world safety and service-delivery impacts; CISA also solicited stakeholder feedback via a product survey. Separate opinion pieces discussing AI in critical infrastructure and power redundancy risks in OT, and an industry roundup of Chinese cybersecurity companies, do not provide additional reporting on this specific guidance release.
Mar 21, 2026