While automation systems have revolutionized industrial operations worldwide, they now face an unprecedented level of cyber threat activity that continues to evolve in sophistication and scope. Recent data shows that 21.9% of Industrial Control System (ICS) computers experienced attacks in Q2 2025, maintaining a worryingly high threat level. These attacks persist despite defensive efforts, with malicious scripts affecting 6.49% of systems and spy Trojans appearing on 3.84% of ICS computers.
The expanding automation landscape has created a more complex attack surface. Nearly half (48%) of known vulnerabilities can be exploited remotely without authentication, considerably lowering the barrier for attackers. This accessibility is further compounded by the availability of proof-of-concept exploits for 42% of vulnerabilities identified in the first half of 2025. You must recognize that this combination creates a perfect storm for potential breaches.
Resource constraints severely limit effective response capabilities. Organizations typically allocate only 11% of IT budgets to security—well below the recommended 17%—while facing a persistent cybersecurity talent shortage with only 83% of positions filled globally. These shortages mirror the broader talent shortage seen in B2B integration where qualified specialists are difficult to find. These limitations force security teams to stretch thin across growing threat landscapes.
Security underfunding and talent shortages leave industrial systems vulnerable as threats multiply and evolve.
The exploitation trends paint a concerning picture with 161 distinct vulnerabilities exploited in H1 2025. Most alarmingly, 69% require no authentication, allowing relatively straightforward network access. Cybercriminals increasingly target automation systems using credential theft and remote access Trojans for financial gain through ransomware or data theft. Kaspersky security solutions blocked malware from 10,408 different families in Q2 2025, highlighting the diversity and persistence of threats targeting operational technology environments.
Automation presents a double-edged sword for industrial security. While it enhances defensive capabilities, it simultaneously creates new attack vectors that malicious actors enthusiastically exploit. The biometrics sector has uniquely experienced an increasing trend in blocked malicious objects, contrary to the downward patterns observed in most other industries. The increased interconnectivity of automation components accelerates malware propagation through industrial networks once initial access is achieved.
Organizations must address these challenges through strategic budget allocation, workforce development, and implementation of security automation to counter threats. Without these measures, the automation revolution risks becoming a considerable liability rather than the operational advantage it was designed to be.
