{"id":3069,"date":"2026-05-01T10:00:01","date_gmt":"2026-05-01T10:00:01","guid":{"rendered":"https:\/\/inprotech.es\/?p=3069"},"modified":"2026-04-29T11:15:23","modified_gmt":"2026-04-29T11:15:23","slug":"key-findings-from-the-first-cyber-alerts-report-published-by-amtegas-industrial-cybersecurity-observatory","status":"publish","type":"post","link":"https:\/\/inprotech.es\/en\/key-findings-from-the-first-cyber-alerts-report-published-by-amtegas-industrial-cybersecurity-observatory\/","title":{"rendered":"Key findings from the first Cyber-Alerts Report published by AMTEGA&#8217;s Industrial Cybersecurity Observatory."},"content":{"rendered":"<p><span style=\"font-weight: 400;\">The digitalisation of the industrial sector and the consolidation of interconnected architectures have created more efficient ecosystems, but also more vulnerable ones in the face of malicious actors. To address this challenge, the Industrial Cybersecurity Observatory of AMTEGA has published the <\/span><b>Cyber-Alerts Report \u2013 I<\/b><span style=\"font-weight: 400;\">.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">This document not only monitors the current state of threats, but also provides an essential theoretical-practical framework for industrial organisations.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Below, I summarise the most critical points and conclusions we have drawn from this first report:<\/span><\/p>\n<h2><b>The OT Attack Landscape: Greater Frequency and Impact<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The threat landscape targeting industrial control systems (ICS) shows sustained growth in both the severity and volume of vulnerabilities.<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">According to ENISA, vulnerability exploitation accounts for 21.3% of intrusion vectors in Europe.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Recent global surveys reveal that 22% of organisations experienced at least one ICS\/OT incident in the past year.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">The most exploited vectors are unauthorised external access (50%) and ransomware (38%).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">One alarming finding stands out: in ransomware incidents, the average time between intrusion and encryption activation has dropped to just 16 hours, demanding 24&#215;7 early detection capabilities in OT environments.<\/span><\/li>\n<\/ul>\n<h2><b>Monitoring and Discovery: The Role of CPS Platforms<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">The report highlights the importance of cyber-physical system protection platforms (CPS PP), such as <\/span><b>Guardian<\/b><span style=\"font-weight: 400;\">, developed by InprOTech \u2014 Galician technology with dual-use capabilities.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">These tools are essential because they enable:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Automatic discovery of OT assets (PLCs, HMIs, drives, etc.).<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Identification of firmware versions for correlation with known vulnerabilities.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><span style=\"font-weight: 400;\">Network anomaly detection without interfering with industrial process availability, through an active-passive approach.<\/span><\/li>\n<\/ul>\n<h2><b>Pragmatic Prioritisation: The &#8220;Now \/ Next \/ Never&#8221; Philosophy<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Since availability is paramount in industrial environments, immediate patching is not always feasible. The report highlights the <\/span><i><span style=\"font-weight: 400;\">Now\/Next\/Never<\/span><\/i><span style=\"font-weight: 400;\"> operational strategy for prioritisation:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Now:<\/b><span style=\"font-weight: 400;\"> Critical vulnerabilities affecting process safety, remotely exploitable and without active compensating controls. Require immediate mitigation.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Next:<\/b><span style=\"font-weight: 400;\"> Relevant flaws that depend on less probable factors or already have certain barriers in place. Planned for the next maintenance window.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Never:<\/b><span style=\"font-weight: 400;\"> Vulnerabilities that, in the specific context of the plant (e.g. a fully isolated asset), pose no real risk. Documented and monitored.<\/span><\/li>\n<\/ul>\n<h2><b>Return on Investment (ROI) in OT Cybersecurity<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">One of the report&#8217;s most valuable contributions is the financial quantification of operational risk. Mitigating vulnerabilities in high-value assets (such as a SCADA system) offers an exceptionally high economic return. Reducing the Exposure Factor (EF) and the Annual Rate of Occurrence (ARO) through segmentation and patching more than offsets implementation costs, ensuring business continuity.<\/span><\/p>\n<h2><b>Conclusion<\/b><\/h2>\n<p><span style=\"font-weight: 400;\">Galicia&#8217;s OT ecosystem \u2014 strongly represented by critical sectors such as energy, automotive, food, naval and logistics \u2014 faces increasingly sophisticated and targeted threats. Adopting defensible architectures, improving configuration hygiene and implementing a realistic patch management strategy aligned with plant constraints are unavoidable steps.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">InprOTech and AMTEGA will continue to drive the strengthening of Galicia&#8217;s business fabric through technology initiatives and the dissemination of actionable intelligence.<\/span><\/p>\n<p>&nbsp;<\/p>\n<p><span style=\"font-weight: 400;\">You can <strong>download the full report<\/strong> from the <a href=\"https:\/\/ciberseguridadegalicia.gal\/sites\/default\/files\/media\/document\/2026-03\/informe-de-ciberalertas-ot-i-gal-cambios-finales.pdf\" target=\"_blank\" rel=\"noopener\">official AMTEGA portal<\/a>.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The digitalisation of the industrial sector and the consolidation of interconnected architectures have created more efficient ecosystems, but also more vulnerable ones in the face of malicious actors. To address this challenge, the Industrial Cybersecurity Observatory of AMTEGA has published the Cyber-Alerts Report \u2013 I. This document not only monitors the current state of threats,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":3067,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[17],"tags":[],"class_list":["post-3069","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-techpapers-en"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.5 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Key findings from the first Cyber-Alerts Report published by AMTEGA&#039;s Industrial Cybersecurity Observatory. - InprOTech<\/title>\n<meta name=\"description\" content=\"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA&#039;s first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/inprotech.es\/?p=3065\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Key findings from the first Cyber-Alerts Report published by AMTEGA&#039;s Industrial Cybersecurity Observatory. - InprOTech\" \/>\n<meta property=\"og:description\" content=\"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA&#039;s first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/inprotech.es\/?p=3065\" \/>\n<meta property=\"og:site_name\" content=\"InprOTech\" \/>\n<meta property=\"article:published_time\" content=\"2026-05-01T10:00:01+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"admin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"admin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065\"},\"author\":{\"name\":\"admin\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/#\\\/schema\\\/person\\\/cb0ae1292b18b48c1e89b0e4e7ef15d9\"},\"headline\":\"Key findings from the first Cyber-Alerts Report published by AMTEGA&#8217;s Industrial Cybersecurity Observatory.\",\"datePublished\":\"2026-05-01T10:00:01+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065\"},\"wordCount\":488,\"commentCount\":0,\"image\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/inprotech.es\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/Techapaper-Inprosec-2.jpg\",\"articleSection\":[\"Techpapers\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/inprotech.es\\\/?p=3065#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065\",\"url\":\"https:\\\/\\\/inprotech.es\\\/?p=3065\",\"name\":\"Key findings from the first Cyber-Alerts Report published by AMTEGA's Industrial Cybersecurity Observatory. - InprOTech\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/inprotech.es\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/Techapaper-Inprosec-2.jpg\",\"datePublished\":\"2026-05-01T10:00:01+00:00\",\"author\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/#\\\/schema\\\/person\\\/cb0ae1292b18b48c1e89b0e4e7ef15d9\"},\"description\":\"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA's first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/inprotech.es\\\/?p=3065\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#primaryimage\",\"url\":\"https:\\\/\\\/inprotech.es\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/Techapaper-Inprosec-2.jpg\",\"contentUrl\":\"https:\\\/\\\/inprotech.es\\\/wp-content\\\/uploads\\\/2026\\\/04\\\/Techapaper-Inprosec-2.jpg\",\"width\":1200,\"height\":630},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/?p=3065#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Portada\",\"item\":\"https:\\\/\\\/inprotech.es\\\/en\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Key findings from the first Cyber-Alerts Report published by AMTEGA&#8217;s Industrial Cybersecurity Observatory.\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/#website\",\"url\":\"https:\\\/\\\/inprotech.es\\\/\",\"name\":\"InprOTech\",\"description\":\"The Cybersecurity Solution for the Industrial Environment\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/inprotech.es\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/inprotech.es\\\/#\\\/schema\\\/person\\\/cb0ae1292b18b48c1e89b0e4e7ef15d9\",\"name\":\"admin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g\",\"caption\":\"admin\"},\"sameAs\":[\"https:\\\/\\\/inprotech.es\"],\"url\":\"https:\\\/\\\/inprotech.es\\\/en\\\/author\\\/moon\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Key findings from the first Cyber-Alerts Report published by AMTEGA's Industrial Cybersecurity Observatory. - InprOTech","description":"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA's first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/inprotech.es\/?p=3065","og_locale":"en_US","og_type":"article","og_title":"Key findings from the first Cyber-Alerts Report published by AMTEGA's Industrial Cybersecurity Observatory. - InprOTech","og_description":"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA's first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.","og_url":"https:\/\/inprotech.es\/?p=3065","og_site_name":"InprOTech","article_published_time":"2026-05-01T10:00:01+00:00","og_image":[{"width":1200,"height":630,"url":"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg","type":"image\/jpeg"}],"author":"admin","twitter_card":"summary_large_image","twitter_misc":{"Written by":"admin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/inprotech.es\/?p=3065#article","isPartOf":{"@id":"https:\/\/inprotech.es\/?p=3065"},"author":{"name":"admin","@id":"https:\/\/inprotech.es\/#\/schema\/person\/cb0ae1292b18b48c1e89b0e4e7ef15d9"},"headline":"Key findings from the first Cyber-Alerts Report published by AMTEGA&#8217;s Industrial Cybersecurity Observatory.","datePublished":"2026-05-01T10:00:01+00:00","mainEntityOfPage":{"@id":"https:\/\/inprotech.es\/?p=3065"},"wordCount":488,"commentCount":0,"image":{"@id":"https:\/\/inprotech.es\/?p=3065#primaryimage"},"thumbnailUrl":"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg","articleSection":["Techpapers"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/inprotech.es\/?p=3065#respond"]}]},{"@type":"WebPage","@id":"https:\/\/inprotech.es\/?p=3065","url":"https:\/\/inprotech.es\/?p=3065","name":"Key findings from the first Cyber-Alerts Report published by AMTEGA's Industrial Cybersecurity Observatory. - InprOTech","isPartOf":{"@id":"https:\/\/inprotech.es\/#website"},"primaryImageOfPage":{"@id":"https:\/\/inprotech.es\/?p=3065#primaryimage"},"image":{"@id":"https:\/\/inprotech.es\/?p=3065#primaryimage"},"thumbnailUrl":"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg","datePublished":"2026-05-01T10:00:01+00:00","author":{"@id":"https:\/\/inprotech.es\/#\/schema\/person\/cb0ae1292b18b48c1e89b0e4e7ef15d9"},"description":"Industrial digitalisation expands the attack surface. Explore the key findings of AMTEGA's first OT Cyber-Alerts Report: ICS threats, intrusion vectors, CPS platforms and patch prioritisation strategies for industrial environments.","breadcrumb":{"@id":"https:\/\/inprotech.es\/?p=3065#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/inprotech.es\/?p=3065"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/inprotech.es\/?p=3065#primaryimage","url":"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg","contentUrl":"https:\/\/inprotech.es\/wp-content\/uploads\/2026\/04\/Techapaper-Inprosec-2.jpg","width":1200,"height":630},{"@type":"BreadcrumbList","@id":"https:\/\/inprotech.es\/?p=3065#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Portada","item":"https:\/\/inprotech.es\/en\/"},{"@type":"ListItem","position":2,"name":"Key findings from the first Cyber-Alerts Report published by AMTEGA&#8217;s Industrial Cybersecurity Observatory."}]},{"@type":"WebSite","@id":"https:\/\/inprotech.es\/#website","url":"https:\/\/inprotech.es\/","name":"InprOTech","description":"The Cybersecurity Solution for the Industrial Environment","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/inprotech.es\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/inprotech.es\/#\/schema\/person\/cb0ae1292b18b48c1e89b0e4e7ef15d9","name":"admin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d903daf71b546605502fd9841b9dc598cc8d3a04ee26680ca18eb3633e5209be?s=96&d=mm&r=g","caption":"admin"},"sameAs":["https:\/\/inprotech.es"],"url":"https:\/\/inprotech.es\/en\/author\/moon\/"}]}},"_links":{"self":[{"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/posts\/3069","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/comments?post=3069"}],"version-history":[{"count":1,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/posts\/3069\/revisions"}],"predecessor-version":[{"id":3070,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/posts\/3069\/revisions\/3070"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/media\/3067"}],"wp:attachment":[{"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/media?parent=3069"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/categories?post=3069"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/inprotech.es\/en\/wp-json\/wp\/v2\/tags?post=3069"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}