OT Security U.S. oil and gas sector faces OT security challenges post-Operation Epic Fury May 8, 2026 Share By SC Staff (Adobe Stock) The U.S. oil and gas sector's cybersecurity posture is under renewed scrutiny following Operation Epic Fury, with a new survey revealing a significant gap between operator confidence and actual operational technology (OT) security capabilities. While investments have accelerated, many organizations may still lack the necessary tools to identify real-time cyber threats targeting OT environments, according to a recent report by The Cyber Express. A survey of OT decision-makers in the U.S. oil and gas sector found that 87% of operators are confident in detecting an OT breach within 24 hours. However, over half rely primarily on IT security tools with limited visibility into OT networks, and 27% depend on manual detection by field staff. This reliance on inadequate systems creates a major vulnerability, especially after Operation Epic Fury, which has heightened awareness of cyber risks. Sixty-three percent of operators now perceive cyber risk as higher than before February 28. The sector is rapidly increasing cybersecurity spending, with 94% of operators reviewing unplanned OT security investments. Key priorities for improvement include continuous monitoring, anomaly detection, and OT-specific incident response. Despite increased spending, cultural divides between IT and OT teams remain the largest obstacle to progress, with operational risk aversion also cited as a significant challenge. This comes amid federal warnings about Iran-aligned cyber activity targeting critical infrastructure, including programmable logic controllers in energy and water sectors. Source: The Cyber Express SC Staff Related Zero trust Federal zero trust guidelines for OT environments unveiled SC Staff May 1, 2026 Mounting cybersecurity threats against operational technology networks stemming from the growing interconnectedness of industrial systems have prompted the Cybersecurity and Infrastructure Security and other federal agencies to issue joint guidance on implementing zero trust across OT systems, reports Infosecurity Magazine. Vulnerability Management Remote building compromise likely with EnOcean SmartServer bugs SC Staff May 1, 2026 SecurityWeek reports that vulnerable internet-exposed EnOcean SmartServer IoT platform instances impacted by the security bypass flaw, tracked as CVE-2026-22885, and the remote code execution issue, tracked as CVE-2026-20761, could be targeted to remotely compromise smart buildings, data centers, and factories. Critical Infrastructure Security Drones pose evolving security risks for public gatherings SC Staff May 1, 2026 A report from the Center for Internet Security highlights that drones introduce novel risks that traditional security measures are ill-equipped to handle. Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe You can skip this ad in 5 seconds