Back ZIUR Urges Strengthening Industrial Cyber ​​Defense and Warns that 25 % of Companies Worldwide Halted Operations Due to Attacks

2025 / 12 / 29
Industria aurreratua eta balio handiko fabrikazioa ekonomiaren zutabeak diren Gipuzkoan, Teknologia Operatiboaren zibersegurtasuna indartzea funtsezko elementua da enpresa sarearen lehiakortasunerako eta erresilientziarako, defendatu du María Penilla zuzendari nagusiak.

ZIUR Urges Strengthening Industrial Cyber ​​Defense and Warns that 25 % of Companies Worldwide Halted Operations Due to Attacks

“In Gipuzkoa, where advanced industry and high-value manufacturing are pillars of the economy, strengthening the cybersecurity of Operational Technology becomes an essential element for the competitiveness and resilience of the business fabric”, argues General Manager María Penilla

ZIUR, the Gipuzkoa Industrial Cybersecurity Center, warns of the growing vulnerability of the industrial sector to cyberattacks and underscores the urgent need to strengthen incident response capabilities in Operational Technology (OT) environments. According to data from ABI Research and Palo Alto Networks, one in four industrial companies worldwide was forced to temporarily suspend operations during the last year due to a cyberattack. This figure demonstrates the real and growing impact of digital threats on business continuity and the physical security of facilities.

“Strengthening the capacity to detect, contain, and recover from incidents in industrial environments is a strategic priority. It’s not just about protecting digital systems, but also about ensuring production stability and worker safety”, ZIUR emphasizes in its latest ‘OT Incident Response Report’.

Operational Technology (OT) forms the core of industrial infrastructure, responsible for controlling and monitoring critical processes such as furnaces, robotic machinery, transport systems, and production lines. In recent years, this environment has experienced a significant increase in the number and sophistication of cyberattacks, ranging from malware and ransomware specifically designed for industrial systems to targeted attacks aimed at manipulating or disrupting operational processes.

“In Gipuzkoa, where advanced industry and high-value manufacturing are pillars of the economy, strengthening OT cybersecurity becomes essential for the competitiveness and resilience of the business sector. Protecting industrial infrastructure is not only key to the region's economy, but also to the stability of global supply chains. Industrial cybersecurity is already a factor in productivity and trust”, says María Penilla, director of ZIUR.

How to Respond to Incidents

Given this scenario, understanding the importance of incident response in OT is fundamental. “It is not enough to detect an attack; it is necessary to have clear and effective procedures to act quickly, minimize the impact, and restore the safe operation of the affected systems. An appropriate response can mean the difference between temporary disruption and irreversible damage to the plant or even to human safety”, warns Penilla.

Effective incident management is therefore critical to guaranteeing the continuity and security of industrial operations. For this reason, having a structured incident response lifecycle is vital. This cycle consists of seven steps: preparation, detection, activation and coordination, investigation and analysis, containment and eradication, recovery, and post-analysis and continuous improvement.

Recommendations

The challenge is enormous, given that industrial infrastructures have “a unique, complex, and critical nature.” Among the challenges are the obsolescence and diversity of infrastructures, high sensitivity to operational disruptions, limitations in visibility and monitoring, a shortage of specialized personnel, and, finally, regulatory compliance and legal responsibilities.

“These challenges demand a comprehensive approach that combines the progressive updating of technologies and processes, continuous specialized training, implementation of monitoring systems adapted to the OT environment, and the development of flexible response procedures that guarantee both safety and operational continuity,” says the director of ZIUR.

In this regard, ZIUR's new 'OT Incident Response Report' recommends conducting drills to train staff and test procedures, having a response plan, defining roles and responsibilities, performing a post-incident analysis, complying with legal and regulatory requirements, and collecting and analyzing key indicators to measure and monitor metrics throughout the incident lifecycle. "Adopting these measures contributes to developing a comprehensive strategy that strengthens operational resilience and minimizes the impact of security incidents on OT systems, ensuring the continuity and security of industrial processes," ZIUR states in its report.