Enable Efficient Risk Management and Transfer
CISOs, OT Facility Managers, Cybersecurity Practitioners, Executive Boards and Insurers need better quantification of cyber risks across their fleet of Operational Technology (OT) assets to enable efficient risk management and transfer.
DeNexus delivers an evidence-based solution for OT industrial stakeholders to gain visibility into each facility’s cyber exposure, calculate the probability and financial impact of potential cyber incidents, and prioritize risk mitigation based on ROI or other KPIs.
End-to-End Solution for Cyber Risk
Identify Exposures
Translate vulnerabilities in your OT infrastructure into potential risk for your business.
Quantify Cyber Risk
Evaluate the financial impact of cyber risk at all times across all your OT individual assets and entire portfolio. Know where your business is most at risk.
Prioritize Risk Mitigation Projects
Easily visualize how each risk mitigation project reduces your exposure and improves your risk profile.
Justify Cybersecurity Investments
Use risk mitigation ROI analyses to make informed decisions on where to invest first.
Compare to Peers
Benchmark your cyber risk posture against your industry peers and across your fleet of assets.
Optimize Risk Transfer
Use our outputs to guide your cybersecurity and risk management strategy, including cyber insurance.
A New Approach to OT Cyber Risk
CISO - CFO Collaboration
Cyber risk is a technology AND a business issue. DeNexus gives CISOs and CFOs a solution to collaborate and prioritize cyber investments.
Risk Visibility at All Levels
DeNexus aggregates the risk across all your sites and delivers a clear picture of the potential impact of cyber incidents on your business.
Optimized Budget
DeNexus empowers you to prioritize cybersecurity efforts and allocate resources by showing where you are most at risk
Rich Cyber Risk Metrics
DeNexus shows the highest risk vulnerabilities, access vectors and sites to CISOs and the cybersecurity projects with the highest ROI and mitigation impact to CFOs.
Analysis is available for each site or a grouping of sites with comparison to industry peers.
Explore DeRISKTM
OT Cyber Risk and the Insurance Gap: When Digital Events Cause Physical Loss
Operational Technology, Physical Damage, and the Insurance Gap
Industrial operations are now tightly linked to digital systems. That means a cyber event can move beyond data loss and become a real-world interruption, equipment issue, or physical loss.
Operational Technology now helps run the physical world. It helps control plants, lines, pumps, valves, sensors, and safety systems. It also sits closer than ever to office networks, remote access, cloud tools, and third-party support. That link has changed the nature of cyber risk.
In a normal office setting, a cyber event may lead to stolen data, fraud, or a short outage. In an industrial setting, the same event can stop production, block visibility, affect safety systems, and at times damage physical assets. The loss is no longer only digital. It becomes financial, operational, and sometimes physical.
1. OT changes the risk
Operational Technology controls physical processes. When it fails, the result is not only a technical issue. A cyber event can stop a line, shut a site, spoil product, delay shipping, or create an unsafe process state. In the worst cases, it can lead to fire, explosion, flooding, or damage to major equipment.
That is why OT cyber risk should not be framed as only an IT problem. It is also a business interruption and property issue. Many insurance programmes still lag behind that reality.
2. Jaguar Land Rover shows the scale
The Jaguar Land Rover disruption in August 2025 is a clear case. What looked like an IT compromise led to a precautionary shutdown of core systems. Because production was linked to those systems, the disruption spread into manufacturing. Major UK plants at Solihull, Halewood, and Wolverhampton stopped for about six weeks.
The reported UK financial impact reached £1.9 billion and affected more than 5,000 organisations across the supply chain. This was not just a data event. It was a long and costly halt to operations. For insurers, the lesson is plain. When production depends on connected systems, cyber events can create losses far larger than many policy limits assume.
3. Why the gap remains
The gap remains because OT teams and insurers often describe the same risk in very different ways. OT teams talk about control loops, process safety, and site dependencies. Insurers talk about triggers, limits, wording, and capital.
When that translation breaks down, the market gets cautious. The risk is hard to explain. The loss is hard to model. Limits stay low. The result is a gap between the loss a company may suffer and the cover that is likely to respond.
Three drivers often sit behind that gap. The first is connectivity. IT and OT are more linked than before. The second is concentration. One shared point of failure can stop many operations at once. The third is edge exposure. Remote assets, vendors, and access points widen the attack surface. These are not abstract issues. They are direct drivers of loss.
4. Traditional cover was not built for this
Many cyber policies were built around data breach costs, system recovery, and privacy claims. Many property policies were not built around physical damage caused by a cyber act. That leaves clients in an awkward middle ground.
The same issues appear time and again. Policy wording can be vague. Definitions can be unclear. Even simple questions can become disputed. Is a programmable logic controller a computer? Is a sensor part of cyber cover, property cover, or neither? War exclusions and malicious cyber extensions can add more doubt.
This is not only a drafting problem. It is an underwriting problem. If insurers and reinsurers cannot see the path from cyber event to physical loss with enough confidence, capacity stays tight and terms stay cautious.
5. The main driver is often downtime
When people hear the term cyber-physical loss, they often think first of disaster. That concern is valid. A cyber event that disrupts OT systems, corrupts sensor data, and weakens safety responses can end in serious physical harm.
Consider an offshore oil rig. If a cyber incident disrupts sensor data and control loops, safety systems may fail to trigger shutdown because the data is no longer sound. Pressure can then build without action. A valve fails. Hydrocarbons are released. An explosion follows. The result can include casualties, total asset loss, environmental damage, and very large claims.
But disaster is not the only issue. In many industrial settings, downtime is the main driver of loss. Production stops. Restart takes time. Product is lost. Waste rises. Supply chains are hit. Penalties may follow. For many insureds, that is where the biggest exposure sits.
6. What clients need
From the client side, the ask is simple. First, they need meaningful limits that reflect real downtime and site exposure. If six weeks of disruption can create a billion-pound loss, cover must be sized with that in mind.
Second, they need clear language. Clients should not have to wait for a dispute to learn what the policy means. Clear definitions, clear triggers, and clear exclusions matter.
Third, they need a simpler way to share underwriting data. Today the process is often slow and fragmented, with spreadsheets, long forms, and repeated follow-up. OT data should be easier to collect, explain, and transfer through the insurance chain.
7. How the market can respond
The path forward is practical. The market needs better data, better scenario mapping, and better coordination.
Better data means a clearer view of OT assets, key links, and loss drivers. Better scenario mapping means showing how a cyber event can move through an industrial site and create operational or physical loss. Better coordination means risk engineers, CISOs, insurance buyers, insurers, and reinsurers working from the same view of the exposure.
There is also a strong case for more live data and more standard ways to describe OT environments. If risk can be shown in a form the market trusts, capital can engage with more confidence. That is how capacity grows.
Bottom line
Operational Technology is now central to industrial resilience, and that means it is central to insurance as well. A cyber event that begins in a digital system can stop production, damage assets, and create major financial loss in the physical world. Yet many insurance structures still reflect an older view of cyber risk.
Closing that gap will take clearer language, better data, stronger models, and closer work between technical and insurance teams. When that happens, cyber-physical risk becomes easier to understand, easier to price, and easier to insure.
ICS/OT Compromise-to-Remediation Trends (2024–2025) Show Increasing Risk of Financial Losses
SANS has released the 2025 edition of its annual State of ICS/OT Security survey series, and I’ve continued to dig into its results. In my last blog, ICS/OT Initial Attack Vector Trends 2021-2025: Analysis of SANS Survey Data and the Path from Craft to Science, I focused on access vectors that have shown decline over the last four years, and those that appear to be increasing.[1]