Cybersecurity News in Asia

How are large operational technology organizations worldwide increasing cyber oversight?

By CybersecAsia editors | Tuesday, July 22, 2025, 11:57 AM Asia/Singapore

One survey suggests that security maturity has risen over time, and broader executive-level responsibilities have been assigned in such organizations.

Based on a global survey conducted in early March 2025 involving 558 operational technology (OT) professionals* by a cybersecurity firm, data findings on OT cybersecurity organizational practices and impacts were shared with the media.

First, 52% of respondents had indicated that OT cybersecurity responsibility in their organizations resided with the Chief Information Security Officer (CISO) or Chief Security Officer (CSO). When asked about C-suite roles more broadly, 95% selected at least one C-suite executive in 2025. Additionally, 80% reported an intent to move OT cybersecurity responsibility under the CISO within the next 12 months.

Second, respondents reported a rise in self-assessed OT cybersecurity program maturity. In the 2025 survey, 49% selected the highest maturity level (level 4) for process maturity — where processes are continuously improved — compared to respondents from a similar survey in 2024. For solution maturity, 26% indicated their organizations had achieved visibility and segmentation (level 1), up from 20% previously, while the majority remained at the “access and profiling” phase (level 2).

Other findings

Third, a correlation was observed between higher self-assessed maturity levels and reduced incidence of reported intrusions. For example, 65% of respondents at level 4 maturity reported zero intrusions, while only 46% of those at levels 0–2 reported the same. Also:

Although half of all respondents experienced at least one intrusion in the previous year, the proportion reporting operational outages impacting revenue fell to 42% from 52% a year earlier.
78% of respondents reported using between one and four OT device vendors.
Adoption rates of measures such as threat intelligence, scheduled security audits, and internal security training had each increased between 8% and 18% over the past year.
Business email compromise incidents had declined, alongside a drop in the number of organizations reporting brand awareness degradation or loss of business-critical data due to intrusions.
The expected pace of regulatory change was high, with 66% of respondents anticipating increased regulation within the next five years, and 26% indicating this was expected within one year.
According to Nirav Shah, Senior Vice President, Products and Solutions, Fortinet, the firm that commissioned the survey, “everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”
*from sectors such as manufacturing, energy, healthcare, logistics, chemicals, and water management. Respondents, has OT and cybersecurity remit in and plant or manufacturing operations, and were from organizations with over 1,000 employees (or over 250 for some countries), and were drawn the Americas, Europe, Asia, and Africa

Leave a reply Cancel reply

You must be logged in to post a comment.

Voters-draw/RCA-Sponsors

CybersecAsia Voting Placement

Gamification listing or Participate Now

Vote Now -Placement(Google Ads)

Top-Sidebar-banner

Whitepapers

Closing the Gap in Email Security:How To Stop The 7 Most SinisterAI-Powered Phishing Threats
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
2024 Insider Threat Report: Trends, Challenges, and Solutions
Insider threats continue to be a major cybersecurity risk in 2024. Explore more insights on …Download Whitepaper
AI-Powered Cyber Ops: Redefining Cloud Security for 2025
The future of cybersecurity is a perfect storm: AI-driven attacks, cloud expansion, and the convergence …Download Whitepaper
Data Management in the Age of Cloud and AI
In today’s Asia Pacific business environment, organizations are leaning on hybrid multi-cloud infrastructures and advanced …Download Whitepaper

Middle-sidebar-banner

Case Studies

Bangladesh LGED modernizes communication while addressing data security concerns
To meet emerging data localization/privacy regulations, the government engineering agency deploys a secure, unified digital …Read more
What AI worries keeps members of the Association of Certified Fraud Examiners sleepless?
This case study examines how many anti-fraud professionals reported feeling underprepared to counter rising AI-driven …Read more
Meeting the business resilience challenges of digital transformation
Data proves to be key to driving secure and sustainable digital transformation in Southeast Asia.Read more
Upgrading biometric authentication system protects customers in the Philippines: UnionDigital Bank
An improved dual-liveness biometric framework can counter more deepfake threats, ensure compliance, and protect underbanked …Read more

Featured

Web browsers that rank lowest for privacy protection

Featured

The impact of APAC’s AI buildout on cybersecurity in 2026

Featured