When companies think about threats to continuity and safety in industrial environments, they often focus on physical elements: Equipment failures, supply chain disruptions, or natural disasters. But recent events like the cyberattack on U.S. steel manufacturer Nucor suggest a far subtler and increasingly consequential risk: Weak digital access controls. 

In May 2025, Nucor, the largest steel producer in the U.S., suffered a cyberattack that temporarily halted production at multiple facilities. While the company responded quickly and managed to limit the damage, the incident laid bare a vulnerability that remains common across critical infrastructure: Compromised access. Although Nucor did not disclose the root cause, some reports estimate it may have involved compromised third-party credentials or weak remote access tools — both issues that are widespread, yet preventable. 

In today’s virtual world, modern industrial environments rely on a wide variety of users to maintain operational uptime —internal employees, remote technicians and external vendors — all with varying levels of access to critical systems. According to a recent survey conducted by our company, nearly nine out of 10 manufacturers authorize remote third-party access to OT environments to take care of a wide variety of functions, while six out of 10 permit more than 100 external parties (vendors, contractors, suppliers, OEMs, etc.) to access these environments remotely. 

That is why such remote access must be both seamless and exceptionally secure. The reality is, most cyberattacks don’t begin with a dramatic break-in… they start with a login.  

Remote Access Challenges 

The challenge begins in the attempt to balance operational agility with strict access governance. Too often, organizations rely on outdated systems like VPNs or jump servers to manage remote connections to their facilities, believing that these tools are enough to secure remote entry.  

On paper, the box is checked. You set it – now forget it.  

In reality, these systems weren’t built for a hyper-connected, hybrid world — and certainly not for the methods and threats used by today’s hackers. It’s akin to locking a factory door with a padlock: It may appear secure to the average passerby, but it offers little real protection against a criminal with the right set of tools. 

What makes this particularly urgent is that, as every corner of our world digitizes more deeply and holistically, cybersecurity can now directly influence every critical function of a business. When access controls fail, the consequences ripple far beyond the IT department. Operations bear the immediate brunt — production slows or stops, teams are disrupted, and safety can be compromised – but finance departments are left managing recovery efforts, absorbing insurance hikes and accounting for revenue losses. And that’s even before the longer-term implication of reputational damage rears its ugly head. 

Organizations are aware of these risks, yet too many continue to treat access as a next-year problem — something to address after the next budget cycle or infrastructure refresh. But inaction is not an inconsequential act. Making security a problem for tomorrow is an active choice, opening the door to risk today. It leaves vulnerabilities in place and magnifies the impact of a future breach. Access must be treated as a business issue placed at the forefront of management agendas, rather than a technical concern alone, buried in an IT roadmap. 

Redefining Cyber Resilience 

Organizations don’t need to wait for the perfect moment to begin bolstering their resilience. What’s needed is a shift from passive detection and reaction to active prevention — proactively blocking threats before they impact operations. The first imperative is to close high-risk access points, separate IT and OT environments more effectively, and gain visibility into who is connecting to what, when and why.  

That includes not only managing access policies, but ensuring they are identity-based, time-bound and instantly revocable. Perhaps most critically, leadership must own the question of access. Can a third-party contractor move between environments unchecked? Are credentials to critical systems being shared? Is there a clear oversight process in place for accountability and audits?  

Strengthening your security posture starts with taking control. That means putting clear, enforceable protocols in place for how remote access is granted, monitored and revoked. Use identity-based authentication, enforce time-bound sessions, and set granular policies for third-party access. Built in reviews and supervision so there’s no ambiguity — just full visibility into who’s connecting, when, and why. 

Guard, Don’t Gamble 

The companies that weather the threats of the future most effectively are the ones that move decisively in the present. They treat access as a strategic risk, not a back-office detail. They shift from a reactive mindset focused on detection to a proactive one — blocking threats while enabling secure, efficient operations and supporting uptime. They act not just because something has gone wrong — but because they know it eventually will.  

That mindset—shifting from reactive defense to proactive foresight — is what sets strong security leadership apart. In 2025, CISOs and their teams have a rare opportunity to create a new standard — one that stops breaches before they begin. Instead of preparing to clean up after the next attack, they can champion proactive measures today that help ensure it never happens at all.