Eskenzi PR ad banner Eskenzi PR ad banner
  • About Us
Tuesday, 7 July, 2026
IT Security Guru
Eskenzi PR banner
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us
No Result
View All Result
IT Security Guru
No Result
View All Result

Forescout research points to record number of ICS vulnerabilities in 2025

by Guru Writer
February 19, 2026
in Featured
DoppelPaymer Ransomware Threat warning from Microsoft
Share on FacebookShare on Twitter

Forescout has released new research warning that industrial control systems (ICS) are facing unprecedented levels of cyber risk, with 2025 marking the highest number of recorded vulnerabilities to date.

The report, ICS Cybersecurity in 2026: Vulnerabilities and the Path Forward, reveals that 508 ICS advisories were published in 2025, covering a total of 2,155 vulnerabilities, marking a record high. At the same time, severity levels are rising sharply, underscoring mounting risks to critical infrastructure worldwide.

According to the findings, the average Common Vulnerability Scoring System (CVSS) score has climbed to 8.07, representing a 25% increase since 2010. Notably, 82% of advisories are now classified as high or critical severity.

The most vulnerable assets include field controllers, programmable logic controllers (PLCs) and SCADA systems, core components that underpin industrial operations across sectors such as manufacturing, energy, transportation and healthcare.

Visibility Gaps Create Dangerous Blind Spots

Beyond the rising volume and severity of vulnerabilities, Forescout’s research highlights a concerning lack of coordinated visibility.

In 2025 alone, 134 vendors disclosed vulnerabilities without corresponding advisories from the US Cybersecurity and Infrastructure Security Agency (CISA). Of these, 61% were rated high or critical. This disconnect creates potential blind spots for defenders who rely on centralised advisories to prioritise remediation and risk management.

Manufacturing, energy and transportation remain the most targeted sectors, reflecting their reliance on interconnected operational technology (OT) environments and legacy systems. However, healthcare has now surged to become the fourth most affected sector, signalling an expansion of industrial-style risk into environments traditionally viewed through an IT security lens.

A 15-Year View of Escalating Risk

Drawing on more than 15 years of ICS advisory data, the report combines long-term trend analysis with sector-specific insights and expert commentary. The research paints a clear picture: industrial environments are becoming more connected, more exposed and more difficult to defend using traditional approaches.

As digital transformation accelerates across critical infrastructure, legacy OT systems are increasingly integrated with IT networks and cloud-connected services. While this brings operational efficiencies, it also expands the attack surface and exposes industrial environments to threats previously confined to enterprise IT.

The Path Forward

The report outlines practical mitigation strategies aimed at reducing exposure and strengthening resilience. Key recommendations include:

  • Improving asset visibility across IT and OT environments

  • Strengthening vulnerability prioritisation processes based on exploitability and operational impact

  • Closing advisory and disclosure gaps through better coordination between vendors and government agencies

  • Accelerating patch management where feasible, while deploying compensating controls in environments where patching is not operationally possible

The findings reinforce a growing consensus within the cybersecurity community that securing critical infrastructure requires continuous monitoring, cross-sector collaboration and a shift from reactive patching to proactive risk management.

ShareTweet
Previous Post

Cybercrime Goes Corporate: Huntress Report Reveals Rise of Scalable, Stealth-First Attacks

Next Post

Keeper Security Extends KeeperPAM

Recent News

pentesting

Pentesting is dead. Long live pentesting.

July 3, 2026
AI Appreciation Day: Celebrating Progress, Embracing Responsibility

The industries being reimagined by AI

July 2, 2026
geopolitical cyber report

Iran-linked MuddyWater espionage campaign targets organisations across four continents

July 1, 2026
Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

Check Point Brings Cloud Firewall to AWS European Sovereign Cloud

July 1, 2026

The IT Security Guru offers a daily news digest of all the best breaking IT security news stories first thing in the morning! Rather than you having to trawl through all the news feeds to find out what’s cooking, you can quickly get everything you need from this site!

Our Address: 10 London Mews, London, W2 1HY

Follow Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol

  • About Us
Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}
No Result
View All Result
  • Home
  • Features
  • Insight
  • Channel News
  • Events
    • Most Inspiring Women in Cyber 2026
  • Topics
    • Cloud Security
    • Cyber Crime
    • Cyber Warfare
    • Data Protection
    • DDoS
    • Hacking
    • Malware, Phishing and Ransomware
    • Mobile Security
    • Network Security
    • Regulation
    • Skills Gap
    • The Internet of Things
    • Threat Detection
    • AI and Machine Learning
    • Industrial Internet of Things
  • Multimedia
  • Product Reviews
  • About Us

© 2015 - 2024 IT Security Guru - Website Managed by Dessol