See All Nexus 2025 Sessions
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts
Connected process control technologies force asset owners to change their perceptions of risk, cyber resilience, and operational resilience.
Operational Technology
Operational Resilience
Cyber Resilience
Risk Management

Nexus Reflections and Predictions: Steven Sim

Steven Sim
/
Jan 5, 2026

As 2025 comes to a close, some of our Nexus contributors and experts have provided us with a look back on the year in cybersecurity, and their predictions for the next year within their industries and specialty areas. Today, Steven Sim, chair of the OT ISAC advisory committee, reflects on how generative AI automates cyberattacks, and predicts difficult financial choices for CISO in the coming year.

Reflections on 2025

We have seen growth of generative AI use among attackers and defenders

Threat actors are increasingly using generative AI to automate the attack chain including ransomware operations, reducing the mean-time-to-exploitation from the time of vulnerability disclosure. 

Listen to this Nexus Podcast with Steven Sim

Correspondingly, AI defenses are also being stepped up. It is evident during the Singapore International Cyber Week 2025 Govware showcase that there are more AI "copilots" and even some "autopilots" that do work from triaging alerts to automated incident response. 

As AI is increasingly showcased among cybersecurity vendors, the risk of AI-washing also elevates correspondingly. It remains to be seen whether pre-crime "autopilots" that claim no need for human-in-the-loop will be effective.

Predictions for 2026

Cost pressures will hit cyber teams hard as they wrack their brains to achieve more with less. 

In the current economic climate, it will no longer be adequate to use a fraction of an acquired or subscribed unified threat protection solution. There is strong impetus to maximise investments to juice out every last drop. 

As the need to manage emerging risk and enable opportunities with emerging technologies such as AI is brought into greater focus, the sweet spot to balance innovation adoption and cost-effective cybersecurity controls within tolerable friction is ever harder to define in the wake of increasing pressures from both ends. 

A widening attack surface amid both innovation and cost pressures coupled with cybersecurity professionals playing catch-up on capabilities with managing risk from emerging technologies is a perfect recipe for cyber disaster.


Operational Technology
Operational Resilience
Cyber Resilience
Risk Management
Steven Sim
Chair, OT-ISAC Advisory Committee

Steven Sim is chair of the OT-ISAC Advisory Committee and has worked for more than 28 years in the cybersecurity field with large end-user enterprises and critical infrastructure organizations. He has led the Group Cybersecurity Centre of Expertise (CoE), undertaken global CISO roles, and driven award-winning CSO50 security governance and management initiatives.

Stay in the know Get the Nexus Connect Newsletter
Share
LinkedIn Twitter Facebook Email
Featured Articles
Considerations for Medical Device Vulnerability Remediation Technical Debt in OT Environments: How It's Different and Why it Matters The Purdue Model's Risky Blindspot
Featured Videos
Browse by Topics
Cyber Resilience Cybersecurity Insurance Federal Food & Beverage Healthcare Industrial Internet of Things Nexus Conference Operational Resilience Operational Technology Ransomware Risk Management Technical Debt Vulnerability Management Zero Trust
You might also like… Read more
IT cybersecurity teams inheriting operational technology security and cyber-physical systems protection programs often come into these situations with competing incentives. This dynamic creates gaps in protecting OT and CPS that must be assessed and addressed.
Risk Management
Operational Resilience
Industrial
Operational Technology
Cyber Resilience

Competing Incentives Create IT/OT Security Gaps
ASL Roma 1, a public health provider in Rome, has distinguished itself in the global healthcare landscape over the past two years by implementing advanced cybersecurity strategies, moving toward a hyper convergent security model, the so-called HyperSOC, in response to the growing cyber attacks in the global healthcare sector.
Healthcare
Risk Management
Cyber Resilience

Nexus Reflections and Predictions: Stefano Scaramuzzino

Stefano Scaramuzzino
nexus_secure-by-design-labonty-1731623724.jpg
Cyber Resilience
Industrial
Operational Resilience
Operational Technology
Risk Management

Nexus Reflections and Predictions: Jim LaBonty

Jim LaBonty
Compensating controls are often the only cybersecurity options available to offset risk in operational technology environments still supporting legacy technology or end-of-life industrial control systems or field devices.
Operational Technology
Cyber Resilience
Vulnerability Management
Risk Management

Nexus Reflections and Predictions: Don C. Weber

Don C. Weber
nexus_hulme-ai-in-ot.jpg
Cyber Resilience
Operational Resilience
Operational Technology
Risk Management

CISA Warns: AI Integration Exposes OT to ‘Unsolved’ Semantic Threats

George V. Hulme
Industrial cybersecurity expert Danielle Jablanski reflects on market shifts around operational technology (OT) and industrial control systems (ICS) cybersecurity and predicts a newfound emphasis and approach to security metrics in 2026.
Operational Technology
Operational Resilience
Cyber Resilience
Risk Management

Nexus Reflections and Predictions: Danielle Jablanski

Danielle Jablanski
umbelino_prediction.jpg
Operational Technology
Cyber Resilience
Vulnerability Management

Nexus Reflections and Predictions: Pedro Umbelino

Pedro Umbelino
Congress' failure to reauthorize the Cybersecurity Information Sharing Act of 2015 (CISA 2015) signals a fundamental shift in threat intelligence sharing and overall risk management strategies.
Vulnerability Management
Risk Management
Cyber Resilience
Industrial
Healthcare
Internet of Things

CISO Survival Guide: 4 Steps to Prepare for CISA 2015 Expiration

George V. Hulme
China-nexus threat actors are targeting edge devices that do not support EDR. Adm. Michael Rogers writes that cyber-physical systems could be next since many of the connected OT, IoT, and IoMT devices and sensors also lack EDR protection.
Operational Resilience
Internet of Things
Cyber Resilience
Healthcare
Industrial
Risk Management

Adversaries' Adaptability is Bad News for Cyber-Physical Systems

ADM. Michael S. Rogers, USN (Ret.)
The forthcoming National Cyber Strategy must aims to scale cyber disruptions of malicious threat actor activity, reduce friction points, and incentivize public-private collaboration that are essential to securing critical infrastructure and protecting American innovation.
Cyber Resilience
Risk Management
Federal

Scaling Disruption: What the Next Cyber Strategy Must Get Right

Megan Stifel
Amazon's intent to replace humans with robots represents a wave of cyber-physical systems (CPS) security that will need to be implemented not only in the logistics and warehousing industries but also for work-in-process (WIP) inventory in manufacturing and other critical industries.
Cyber Resilience
Industrial
Internet of Things
Operational Resilience
Operational Technology
Vulnerability Management
Risk Management

Automation Inroads Bring Urgency to CPS Protection

Jim LaBonty
The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.
Operational Technology
Operational Resilience
Cyber Resilience
Industrial
Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme
Latest on Nexus Podcast
See all episodes
The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.
Jay Catherine, a security architect for a major retailer, joins the Nexus Podcast to discuss best practices for logistics cybersecurity within the retail space. This includes securing not only distribution, but also the operational technology involved in these manufacturing processes.
Industrial
Internet of Things
Cyber Resilience
Operational Resilience
Operational Technology

Nexus Podcast: Jay Catherine on Securing Logistics, OT in Retail
On this episode of the Nexus Podcast, Greg Garcia, Executive Director of The Health Sector Coordinating Council Cybersecurity Working Group, discusses the Sector Mapping and Risk Toolkit (SMART). SMART contains a set of 17 templates that enable healthcare organizations to map and visualize workflows, identify areas of risk, and where mitigations are most desperately needed.
Healthcare
Risk Management
Operational Resilience
Cyber Resilience

Nexus Podcast: Greg Garcia on the Sector Mapping and Risk Toolkit for Healthcare
nexus_frenz.jpg
Healthcare
Vulnerability Management
Risk Management
Internet of Things
Cyber Resilience

Nexus Podcast: Christopher Frenz on Evidence-Based Security