[Tribune] L’industrie doit s’armer face au danger des cyberattaques

Industrial production systems are under pressure. After Information Technology (IT), operational environments have become a prime target for cybercriminals. Securing the systems that support and operate production processes, known as Operational Technology (OT), is now a strategic necessity. This involves protecting not only industrial equipment but also the software and network connections that enable production environments to function. Without adequate safeguards, robots, manufacturing equipment, and entire production lines can be disrupted or brought to a standstill.

Fayçal Khalouli, founder of Troy, Lamarck Group’s cybersecurity division, shares his perspective on the growing challenges surrounding OT security.

OT Connectivity Is Expanding the Attack Surface

OT equipment is now increasingly connected to networks that enable remote access and control of production assets, predictive maintenance, automated updates, on-demand manufacturing, and data collection to analyze and improve machine performance.

This operational data feeds enterprise management systems and supports the emergence of Industry 4.0, where the digital and physical worlds converge through interconnected products, systems, and devices enabled by the Internet of Things (IoT).

While this connectivity delivers significant operational benefits, it also introduces new risks. Malware, ransomware, and cyberattacks can now directly target production environments and industrial processes.

Severe Industrial Consequences and Sovereignty Challenges

The consequences of such attacks can be devastating. For businesses, cyber incidents may significantly impact production capabilities, operational continuity, and corporate reputation. For society as a whole, attacks targeting critical infrastructure such as water distribution systems, heating networks, or power generation facilities can have far-reaching consequences.

National sovereignty itself can be challenged, particularly when attacks are conducted by state-sponsored actors.

Recent events illustrate the scale of the threat:

• In 2017, Saint-Gobain suffered a ransomware attack resulting in an estimated €250 million loss in revenue.
• In June 2020, eleven Honda manufacturing plants were affected by ransomware that disrupted production systems.
• In 2021, Colonial Pipeline was attacked, forcing approximately 15,000 fuel stations across the United States to temporarily shut down.
• The same year, Pierre Fabre halted operations in several factories for four weeks following a cyberattack.

These examples, while not exhaustive, highlight both the vulnerability of industrial organizations and their frequent lack of preparedness when facing digital threats.

OT Security: An Economic and Regulatory Imperative

According to the French National Cybersecurity Agency (ANSSI), 59% of cyberattacks result in production slowdowns or stoppages, while 16% threaten the very survival of the affected organization.

The resulting financial impact often encourages victims to pay substantial ransoms. Prevention therefore remains the most effective strategy.

This necessity is reinforced by regulatory developments. The European NIS2 Directive introduces strict cybersecurity risk management obligations for organizations operating in critical and essential sectors. At the same time, industry standards continue to evolve. Compliance with IEC 62443, the leading cybersecurity standard for industrial control systems, is increasingly becoming a requirement in commercial and supplier relationships.

More broadly, cybersecurity has become a key component of corporate governance and ESG-related performance criteria. It can no longer be treated as a secondary concern.

A Complex Challenge Requiring Automation and Centralized Security

Securing industrial environments remains particularly challenging. OT infrastructures are often heterogeneous, composed of equipment from different generations with long operational lifecycles. This creates complex environments where modern and legacy systems coexist.

At the same time, there is a shortage of qualified professionals capable of combining cybersecurity expertise with deep industrial knowledge.

A practical approach consists of deploying specialized security solutions to protect critical systems identified through a preliminary assessment of the organization’s attack surface. These solutions can monitor industrial environments continuously and alert security teams in real time when anomalies or incidents are detected.

Ideally, responsibility for protecting industrial operations should be integrated into a centralized digital security function capable of overseeing both IT and OT security strategies.

The Emergence of Software Solutions at the Intersection of IT and OT

The OT cybersecurity market remains relatively immature compared to traditional IT security. However, awareness of industrial cyber risks is driving significant investment from organizations across sectors.

As a result, new security solutions are emerging to address growing demand, many of them leveraging technologies originally developed for IT environments.

As IT, IoT, and OT continue to converge, future security architectures are expected to become more integrated, enhanced by artificial intelligence, advanced analytics, and potentially blockchain-based trust mechanisms.

The outcome will be greater visibility across industrial assets, comprehensive vulnerability mapping, and stronger centralized security governance.

Building Resilience for the Future

As cyber threats continue to evolve and production environments become increasingly interconnected, organizations must take proactive steps to protect their industrial operations.

Achieving effective OT security requires sustained investment in technology, processes, and human expertise. In a world where operational disruption can have severe financial, societal, and strategic consequences, protecting Operational Technology is no longer optional. It is a business-critical priority.