OT Cyber Resilience Crisis – Outdated Risk Models and Fragmented Response
Critical infrastructure resilience is being undermined by outdated risk models and fragmented IT/OT response frameworks. Experts are calling for a shift from static, compliance-driven checklists to dynamic, threat-informed resilience strategies that account for real-world operational impact.

The Jaguar Land Rover cyberattack demonstrates the problem: it had an estimated £1.9 billion U.K. financial impact and affected 5,000+ organizations, though the modeled loss range of £1.6B–£2.1B could be higher if OT was significantly impacted or recovery takes longer than expected. Traditional risk assessments assume stable threat landscapes and predictable recovery timelines, but modern cyber-physical attacks create cascading effects across multi-tier supply chains with unpredictable operational disruption. What is needed is real-time data, flexible controls, and governance that treats risk as a moving target.

Durgesh Kalya from Covestro emphasizes measuring resilience via mean time to detect (MTTD), mean time to recover (MTTR), continuity of critical operations, and the ability to maintain safety margins during disruptions. Danielle Jablanski from STV argues that resilience in OT means continuing operations under compromise while containing and eradicating threats, not just isolating and recovering. Shiv Kataria from Siemens highlights detection maturity, response readiness, and tested procedures as key metrics.

The consensus: resilience requires unified IT/OT incident management, continuous threat modeling integrated into engineering decisions, and sector-specific guidance that connects cybersecurity to safety and uptime outcomes.
CORTEX Protocol Intelligence Assessment
Business Impact: OT cyber disruptions create direct operational and financial impact measured in production downtime, safety risks, and multi-tier supply chain cascades.
Defensive Priority: Replace static compliance checklists with continuous, threat-driven assessments and rehearsed joint IT/OT incident response.
Industry Implications: Next-decade infrastructure protection depends on resilience-by-design models that integrate cybersecurity into operational continuity and safety planning.
Strategic Intelligence Guidance
- Unify IT and OT incident response playbooks with joint exercises involving safety, engineering, and security teams
- Adopt continuous threat modeling that updates based on real-time intelligence and operational changes
- Implement asset visibility and network segmentation to limit lateral movement in OT environments
- Establish quantifiable resilience metrics: MTTD, MTTR, and continuity of critical operations during cyber events
- Test recovery procedures under simulated attack conditions to validate uptime and safety margin assumptions
- Align governance frameworks to operational outcomes, not just compliance box-checking
Impact
Financial: £1.9 billion (Jaguar Land Rover incident)
Intelligence Source: Outdated risk models, fragmented response frameworks threaten to undermine progress toward OT cyber resilience | Nov 2, 2025