OT Security in 2025: More Incidents, less Ransomware

Interview with Dr. Terence Liu, CEO of TXOne Networks at HANNOVER MESSE  (HMI 2025) on OT Security and the situation in 2025

[datensicherheit.de, 06/10/2025] Beginning of April, the editorial team of datensicherheit.de (ds) had the opportunity to speak with Dr. Terence Liu (tl), the CEO of TXOne Networks during HANNOVER MESSE (HMI 2025). In Hanover we discussed the challenges that OT faces while securing OT infrastructures and maintaining operations based on the findings of the latest edition of the OT security report. One finding that stands out is the increasing number of security related incidents in OT while less of the responding companies have faced a ransomware attack last year.

Dr. Terence Liu, CEO von TXOne Networks, Bild TXOne Networks

ds: What is the state of OT security based on your findings on the OT/ICS Security Report 2025?

Liu: First of all, let me talk a bit about the development of OT security since data security is driving OT security in its current state and form. OT systems have been attacked by cybercriminals since 10 to 15 years and ever since the space of OT security both in defense and on the attackers’ side is evolving. The most important thing to remember when talking about OT security is that availability is more important than integrity. In IT security, confidentiality comes first, integrity second and availability third.

OT security means solving the security for all different OS systems, legacy and new ones, specialized ones etc. One of the current examples how difficult that task is, is the end of Windows 10 support. For manufacturing companies this means, they need to seek a solution that doesn’t affect the operability and availability of OT systems. OT security should never affect operations, so keep everything updated and secure is a huge task.

Now let me summarize the key findings of our OT security report. The maturity of OT security is crucial since the threats are growing. Our report shows that 94 percent of the surveyed organizations have been affected by OT cyber incidents in the past year, while 98 percent experienced IT incidents affecting their OT environments. On the other hand, Ransomware incidents decreased from 47 percent of respondents in 2023 to 28 percent in 2024. Nation-state attackers on critical infrastructure were revealed to be a growing new concern. And underlining for the relevance for Germany: From the 150 C-suite executives from Asia, Europe, the Middle East and North America, 20 percent are coming from Germany.

ds: Since even more legacy OS is used in manufacturing, production & electronic devices, what are your recommendations for CISOs and OT security decision-makers to secure them?

Liu: Since OT teams can’t patch everything, the most important thing is monitoring. Usually, 98 percent of the analyzed traffic is not a threat, only two percent are actually a threat. The problem is, that security people often don’t see what they are dealing with and they need to know about the unknowns to deal with the two percent real threats.

We recently had an example at one of our semiconductor customers that had an issue in an area where they thought they are secure, but weren’t. Now they inspect all of their machines on a regular basis and have put in place further security measures like segmenting the network etc.

Here it is important to take a look at all potential threats since the Conficker Worm is still out there, still threatening systems. The lesson learnt: It is about the cyber hygiene, the basis of security needs to be done right.

ds: We touched base on Technology e.g. Segmentation, but isn’t it also a question of the education of the OT people on the ground?

Liu: Yes, I agree, education is very important and we need to support the people on the ground and at the shopfloor, so they can secure their machines. Companies need to define, who is doing audits and tests on which timely basis. Further, there is also the question about the enforcement of OT security.

ds: That’s about the OT professionals, they need education and process, but what about the C-Level? Do you see difference between the awareness of the board in different regions?

Liu: We see differences, which has to do with the maturity of the markets themselves. But let’s not forget industry initiatives like in the semiconductor world where big vendors work together on supplier security to ensure OT security is maturing.

When we look at the automotive industry, TISAX is a good starting point, but from a maturity perspective, it is not where the semiconductors are already with their guidelines and compliance, so even the automotive industry will improve over time.

Overall, industry initiatives are great, but in certain industries, they need more support to get together. The power of the community is a strength of the OT security. TXOne is helping the industry while organizing roundtables to bring together CISOs and alike from certain industries to meet and share best practices among each other.

ds: A question for Mirco Kloss, Business Development Director DACH. What does TXOne offer to secure the ROI of German companies?

Kloss: First of all, we are an OT-native security vendor. We are protecting these companies with our solutions on different levels and our products like Portable Inspector, Stellar, Edge and SageOne support companies to secure their OT infrastructure. Our OT endpoint solution Stellar is on the Siemens WinCC compatibility list and can be purchased via the Siemens Xcelerator Marketplace. Further, we are working on bringing OT security by design to the production facilities and to keep the security up during the whole lifecycle of the machines and throughout the supply chain. On a side note, one sector, that faces similar challenges as manufacturers is healthcare. A lot of legacy OS and legacy software that can’t be patched or at least not easily patched.

ds: Last question to Dr. Liu: What are your HMI 2025 impressions and why are you here?

Liu: The Hannover Messe Industrie is a great place to be for us to be, for our customers, partners etc. We think this trade fair is very important to get in touch with all of our community, not only in Germany, but in Europe as a whole and this is the reason why we are here again and will return next year.

ds: We say thank you for the interview.

Further information on the topic:

datensicherheit.de, 28.08.2024
OT-Sicherheit in der Lebensmittelindustrie