Real-World ICS Security Tales From the Trenches

Industrial control systems (ICS) and operational technology (OT) environments are often described as quiet, highly controlled worlds. In reality, they contain a range of risks, unexpected configurations, and operational complexities that are difficult to fully uncover through standard penetration testing or conventional risk assessments.

SecurityWeek spoke with several ICS security experts and companies about their most memorable experiences in the field. These are not theoretical scenarios or lab simulations — they are real situations they encountered while working directly with organizations.

Their stories highlight the gap that often exists between written security policies and what actually happens on the plant floor.

Here are some of the most interesting and cautionary tales shared by ICS security experts, straight from the trenches:

John Simmons, FortiGuard Incident Response, Americas, Fortinet:

Real-World ICS Security Tales From the Trenches

Other newsrooms on this story

Related reading

Malware Threats Accelerate Across Critical Infrastructure

Security beyond CIP: When ‘low impact’ doesn’t mean low risk

iX-Workshop: Industrial Security nach IEC 62443 – Ein Praxisleitfaden

Webinar: What the Riskiest SOC Alerts Go Unanswered - and How Radiant Security…

Security is like insurance: You only value it after the crash

Why Security Leadership Makes or Breaks a Pen Test