What you’ll learn in this article:
- The increasing sophistication and organization of OT cyberattack threat actors in the life sciences industry
- The unique vulnerabilities during acquisitions and the complexity of varied systems within life sciences organizations
- The consequences and high costs associated with breaches in OT systems
Operational technology (OT) cyberattacks in the life sciences industry are on the rise — and the threat actors associated with them are both extremely sophisticated and organized.[1] They recognize OT systems were often built without cybersecurity in mind, and they know companies in this industry often lack visibility across their entire ecosystem. How life sciences organizations understand – and respond to – these vulnerabilities is critical. Here are five reasons OT cybersecurity must be an immediate priority.
1. It’s Easy to Underestimate Your Vulnerability
The stakes are high in the life sciences industry, so it’s not a matter of “if” you’ll be targeted, but “when.” More concerning, when you’re using metrics generated by IT security tools to demonstrate your commitment to OT, you may have a false sense of security.
Acquisitions can be times of vulnerability. An organization may be quick to standardize its IT solutions to the new business, but the manufacturing network architecture and assets often get overlooked. These varying levels of network security at different plants within an organization can open the door to OT network attacks, like the one that led to an estimated $1.4 billion in damages at Merck in 2017.[2]
Odds are, you have a variety of systems and tech infrastructure that don’t play by the same rules — or in some cases even use the same language — making it difficult to gain visibility across your entire OT ecosystem. Additionally, every new drug or product launch expands your physical manufacturing footprint even further. As you demand more from your systems and embrace cloud technology, AI and more, that web becomes even more complex. Physically isolating, or air gapping, a system is no longer enough to protect against sophisticated cyberattacks.
In such a complex industry, what works for one plant within an organization might not work for the next. Over 60% of the customers don’t yet have a tool to provide the OT visibility they need.[3] A simple check is to compare investments in IT and OT security. If they are not balanced, you potentially have serious points of vulnerability.
2. An OT Breach Can Be Catastrophic
Even in an industry that balances extraordinarily high risk versus reward daily, the investment necessary to better secure your OT systems may appear too costly. However, the average cost of a data breach is now $4.88 million, a record high.[4] The NotPetya malware used in the Merck breach was linked to an estimated $10 billion in losses worldwide.[2]
While there are consequences to shutting down IT systems to isolate a potential attack and protect your organization, the impact of an attack on the OT side can be even more catastrophic. According to Aberdeen Research, operational shutdowns can cost manufacturers as much as $260,000 an hour.[5] In the life sciences industry, where speed to market is everything, the impact can be even more costly. Disruptions mean your product isn’t on shelves when it needs to be, which may not only shrink profits but also has the potential to jeopardize lives and cause reputational damage. Stronger OT cybersecurity infrastructure, technology that minimizes false positives, and a resilience plan that gets you up and running again quickly can help manage this risk.
3. You’re An Attractive Target
Often, the mission of sophisticated threat actors is to inflict catastrophic damage on businesses and the world around us. What better target than an organization that’s manufacturing the products people depend on to sustain well-being?
Those same actors know OT systems often have inherent vulnerabilities. Layer in the fact that profits in life sciences revolve around speed to market, and decision makers are apt to put OT improvements on the back burner so production can remain full speed ahead. It can seem like the right thing to stay the course and keep pushing forward in order to get a product to market on time, but the risks of a cybersecurity breach could quickly outpace the rewards of a product deployment.
4. The Regulatory Environment is Getting More Complex
In an industry where the regulatory environment is already recognized as one of the most stringent and complex, enabling OT cybersecurity compliance can be difficult. Between knowing which frameworks to use (IEC 62443, ISO 13485) and understanding the latest regulations like NIS2, there’s a lot to navigate.
Through all the layers and complexities, you must keep up with an evolving list of domestic and international requirements, while also using compliant vendors. Life sciences organizations need the right solutions and partner to help navigate — and make sense of — what can feel like constantly moving targets.
5. Taking the First Step Can Be Easier Than You Think
While the idea of securing your critical OT systems from cyberattacks may feel daunting, the good news is, taking the first step can be easier than you think. It’s all about engaging with the right experts who understand that OT and IT cybersecurity are different and demand unique approaches. Even within a single organization, what works at one plant or facility may not work at another. An effective OT cybersecurity approach will give you a clear line of visibility across the organization, through multiple environments and variables, to help you anticipate and identify risk.
Honeywell works with organizations to conduct cybersecurity risk assessments. It’s a valuable first step to identifying vulnerabilities and mapping a plan to effectively protect your entire organization from the corner office to the lab bench to the plant floor.
Learn how to better protect your organization’s OT environments and systems by connecting with a Honeywell cybersecurity expert today.
[1] LinkedIn, “The Evolution of Cyber Threats on OT Networks in Life Sciences,” Ailbhe Clardy, March 24, 2025. [Accessed April 7, 2025]
[2] The HIPAA Journal, “Merck Reaches Settlement with Insurers over $1.4 Billion NotPetya Malware Attack,” Steve Alder, January 17, 2024. [Accessed April 7, 2025]
[3] KPMG, “Industrial control system (ICS) or operational technology (OT) threat landscape,” April 2024. [Accessed April 7, 2025]
[4] IBM and Ponemon Institute, “Cost of a Data Breach Report 2024,” July 2024. [Accessed May 23, 2025]
[5] IIoT World, “The actual cost of downtime in the manufacturing industry,” November 14, 2018. [Accessed April 7, 2025]