Research from e2e-assure examines the impact of operational technology (OT) downtime on the UK’s critical national infrastructure (CNI), including associated financial costs following cyberattacks. It reports that 80% of organisations experience costs of up to £5 million as a result of such incidents, reflecting the level of exposure linked to operational disruption.
According to the findings, nearly a quarter of severe OT downtime incidents cost more than £1 million, with 6% exceeding £5 million. Around 80% of manufacturing and CNI organisations that experience downtime report losses between £100,000 and £5 million.
The research also notes that incidents affecting essential services and industrial operations are occurring more frequently, alongside rising geopolitical concerns. A total of 64% of IT decision-makers report concern about potential nation-state attacks, which are described as having both financial and operational impacts.
In terms of response, organisations report an average detection time of 52 days following a compromise. While some organisations are able to detect breaches within 12 hours, resolving incidents can take significantly longer, with some large enterprises requiring more than a year to fully remediate major incidents.
The findings highlight differences between perceived and actual risk. Many decision-makers report lower concern around insider threats and reduced emphasis on visibility into OT network activity, despite these being areas where incidents can persist undetected. Common attack methods include phishing, malware and ransomware, insider threats, and credential compromise.
Supply chain-related risks are also identified, with 21% of CNI organisations reporting multiple incidents linked to suppliers or third parties, indicating the role of trusted access points in security breaches.
Beyond direct financial impact, organisations report concerns related to reputational damage and revenue loss, as well as workforce effects. Among smaller organisations, 37% report employee loss following major incidents.
The research indicates that 32% of organisations are adapting IT-based detection platforms for use in OT environments, while 28% report using detection capabilities specifically developed for OT systems.
