Episode #14

From Stuxnet to Today: How Has OT Cyber Hygiene Changed

What You're About to Discover

The Stuxnet attack didn't just destroy centrifuges. It proved that physical consequences could follow a network packet into an industrial control system - and that most OT environments had no idea it was coming. That was 2010. Sixteen years later, a significant portion of industrial operators still run without network segmentation, without monitoring, and without a single trained person who knows what normal looks like. The threat evolved. Too many defenses didn't.

The first wave of OT security was compliance-driven. Large critical infrastructure owners built programs to satisfy auditors, not attackers. Small and mid-tier manufacturers fell through the gap entirely - no budget, no staff, no roadmap. And as the workforce that built and understood legacy OT systems aged out, that institutional knowledge walked out the door with them. What remains is an environment attackers understand better than the people running it.

Reconnaissance tools now scan internet-exposed OT protocols at scale. Environments lacking basic segmentation are identified in hours. A small manufacturer without a dedicated OT security role becomes a ransomware target, a supply chain pivot point, or a testbed for techniques later applied to larger infrastructure. The Oldsmar water treatment intrusion, the Colonial Pipeline shutdown, and the Volt Typhoon pre-positioning campaigns all share a common thread: foundational protections that were absent or never prioritized.

The organizations closing this gap aren't waiting for a breach to justify the investment. They're starting with the fundamentals - asset visibility, network segmentation, incident response planning, and workforce training that doesn't assume deep cybersecurity expertise. Jonathan Pollet has spent decades building OT security programs in the field. The pattern he sees among resilient organizations isn't advanced tooling. It's disciplined execution of the basics, consistently maintained over time.

In this episode, Terry McCorkle and Jonathan Pollet trace OT cyber hygiene from the Stuxnet era to the exposure landscape of 2026 - and lay out what organizations at every maturity level must prioritize now. The next wave of attacks isn't targeting the most sophisticated defenses. It's targeting the environments still running without the basics. Does your OT environment have them?
