April 22, 2025

Industrial Cybersecurity in 2025: Insights from a Live Game Show-Style Panel

In a creative twist on traditional panel discussions, Industrial Cyber hosted a lively and engaging webinar on the state of industrial cybersecurity in 2025 on Wednesday (recording here). Framed as a game show, the event featured thought leaders Jay Williams, CEO of Industrial Defender; Bill Moore, chief executive officer and founder at Xona Systems; and Debbie Lay, principal sales engineer at TXOne Networks, who tackled pressing challenges in the field through a dynamic, audience-driven format. The interactive session drew insights from real-world experience and audience polls, offering a candid look at how industrial cybersecurity is evolving in an increasingly complex digital environment.

Cybersecurity as a Strategic Investment

The panel opened with the question of quantifying cybersecurity investments—an ongoing challenge for many OT security professionals. Moderator Jonathon Gordon, directing analyst at Takepoint Research, noted that cybersecurity is no longer a technical back-office issue but has become a board-level concern, especially as companies strive to reduce downtime, avoid penalties, and safeguard operational continuity.

Williams opened the discussion by stressing the critical role of asset visibility and risk-based prioritization. “Understand what assets you have, what their function is, and what risk they pose to business continuity,” he advised. Williams referenced industry data showing that the average industrial outage costs around $125,000 per hour—an eye-opening figure that highlights the financial imperative for proactive cybersecurity investments.

Moore followed with real-world scenarios underscoring the importance of governance and proper backups. He shared the story of a manufacturing facility that lost months of PLC programming after a contractor departed without proper documentation. “It’s not just about ransomware,” Moore said. “It’s about safeguarding institutional knowledge and maintaining operational continuity.”

Lay emphasized cost avoidance as a powerful driver, particularly in environments with aging infrastructure. “We’re seeing customers defer multi-million-dollar system upgrades by using proactive controls to reduce the risk posed by legacy equipment,” she explained. Lay also highlighted the longer-term business impacts of cyber incidents, citing the 2023 Clorox ransomware attack, which led to lost retail shelf space and ongoing board-level challenges months after the event.

An audience poll confirmed the panel’s insights: the majority of respondents cited downtime and operational continuity as the primary metrics for evaluating cybersecurity investments, followed by regulatory compliance.

Securing the Supply Chain: A Long Road Ahead

Next up was the issue of supply chain risk and secure-by-design principles. With legacy systems and long hardware lifecycles common in OT, the panel agreed that supply chain risk remains a persistent threat.

Lay recounted how ‘new’ equipment entering OT environments can carry outdated software like Windows 7, having sat untouched in warehouses for years. “You can’t just assume that new means secure,” she cautioned.

Moore emphasized the need for asset owners to take control of third-party risks. “You have to move away from 10 different remote access solutions and standardize on one secure approach,” he argued, advocating for zero trust models and internal ownership of security postures.

Williams acknowledged the promise of secure-by-design but was blunt about its limitations: “It’s unrealistic in the short term. Operators must take responsibility with structured third-party risk management programs and internal governance.”

The audience agreed, ranking third-party risk assessments and integrating security into procurement contracts as the top supply chain security priorities.

IT-OT Integration: From Buzzword to Reality

Moore selected ‘Integrated Cyber Defense’ for the third round, sparking a discussion about breaking down IT-OT silos. “Seven years ago, IT/OT convergence sounded like marketing speak. Today, it’s real,” Moore said, pointing to new roles like OT security architects that bridge the gap.

Williams underscored the need for open APIs and vendor collaboration. “There’s no silver bullet in OT security. It takes a village,” he remarked. He noted Industrial Defender’s integrations with platforms like Splunk and Sentinel as examples of open interoperability in action.

Lay agreed but cautioned against blindly importing IT tools into OT environments. “It looks easy to just reuse your IT playbooks, but these can create unforeseen problems in OT,” she said. Instead, she urged teams to evaluate OT-specific alternatives before deploying.

A final audience poll showed that 38% of participants cited the lack of a clear integration roadmap as their biggest challenge, followed by interoperability issues between IT and OT tools.

Final Takeaways: Practical, Proactive, and Progressing

In the bonus round, each panelist summarized the state of the industry and shared their outlook.

  • Moore focused on risk ownership, expanding digital edges (like wind farms and smart infrastructure), and the growing importance of IT-OT integration. He urged organizations to leverage IT investments while tailoring them for OT realities.
  • Williams emphasized getting back to basics: asset visibility, OT-specific policies, and starting with compliance as a gateway to better security. He also highlighted the growing use of AI and LLMs in prioritizing vulnerabilities based on operational data.
  • Lay highlighted the industry’s growing maturity and visibility but warned that ransomware and supply chain risks are still exploiting blind spots. “We need to move beyond reactive measures and adopt multi-layered, OT-tailored defenses,” she concluded.

Final Word: From Visibility to Action

As Gordon wrapped up, he reflected on how the market has shifted from visibility as an end goal to actionable insight and risk mitigation. While industrial cybersecurity has made significant strides, much of the market remains underserved. “We’re still only reaching about 5% of the addressable market,” he noted. “That has to change.”

This year’s webinar didn’t just illuminate the current state of the industry; it made the case for immediate action. Whether your organization is just beginning its journey or looking to fine-tune an established program, the message is clear: start with the basics, integrate smartly, and quantify organizational security investments in terms that the business understands.

Source: https://industrialcyber.co/events/industrial-cybersecurity-in-2025-insights-from-a-live-game-show-style-panel/
