Experts Discuss the Challenges of Protecting Legacy Infrastructure from Increasing Cyber Threats in Critical Industries

Ransomware attacks on U.S. critical infrastructure rose 9% in 2024, according to the FBI, with healthcare, manufacturing, and energy among the hardest-hit sectors. In addition, according to IBM’s 2024 Cost of a Data Breach report, critical infrastructure organizations see the highest breach costs, with the average breach costing $4.88 million.

This is especially concerning, as critical industries have a direct impact on daily life. When hospitals, manufacturers, utilities, and power grids are disrupted by breaches, this not only impacts business operations but can even pose a national security risk. Yet many organizations in these industries still depend on operational technology (OT) built decades ago, before modern cybersecurity threats emerged. Legacy OT introduces a challenging paradox: this equipment is too mission-critical to replace but too fragile to patch.

“Some systems can’t even be patched,” said Shaun Marion, VP and CSO at Xcel Energy, in a recent episode of Super Cyber Friday: Hacking Critical Infrastructure, hosted by the CISO Series. “There’s no mechanism to do it.”

Lack of visibility compounds the risk. When organizations can’t monitor the performance or security posture of their most critical assets, small problems can escalate unnoticed into operational failures or entry points for attackers. The absence of telemetry and real-time insight makes it difficult to distinguish between normal fluctuations and active compromise, leaving defenders blind to early warning signs.

“One of those early warning signs to me is when someone says, ‘I don’t know,’” said Joel Burleson-Davis, CTO at Imprivata, in the same Super Cyber Friday conversation. “You don’t have the monitoring you need; you don’t have the information that you need to get out of those systems.”

The solution, both experts suggest, is to ensure cybersecurity strategies are built for long-term security and resilience. Emerging technologies are helping close long-standing gaps in critical infrastructure.

Tools like AI-driven modernization, Zero Trust network access, and passwordless authentication are enabling organizations to extend the power of essential systems, ensuring usability and security without increasing risk. Enforcing least-privilege access by adopting privileged access management (PAM) and vendor privileged access management (VPAM) strategies also strengthens security and compliance.

As modernization accelerates, the future of critical infrastructure security will depend on resilience and usability: building systems that keep people safe, maintain uptime, and earn lasting trust through transparency and human-centered design.
