As industrial organisations accelerate their digital transformation journeys, the very instruments that underpin measurement and analytics – sensors, flowmeters, chromatographs, analysers – are rapidly becoming core cyber-risk assets, writes David Lincoln, Global Digital Lead at ABB Measurement and Analytics. Once largely isolated, these devices are now deeply connected, feeding critical process data into remote systems, optimisation platforms and cloud infrastructure. That connectivity, however, requires careful consideration and adherence to security best practices.
Industrial sectors, including the oil and gas industry, saw a 935% surge in ransomware attempts in 2025 compared to the year before, with data exfiltration being the primary driver of these attacks. Industrial measurement devices are no longer passive data collectors; they are cyber-physical assets of strategic importance. When these devices lack robust security, attackers can compromise data integrity, leading to distorted process control, false readings, and manipulated safety thresholds. Disruption can follow, not just in the digital realm but in physical operations: safety incidents, environmental non-compliance, production losses, and reputational damage all become possible consequences.
Legacy systems: a growing liability
Compounding the risk is the fact that many industrial installations continue to rely on legacy measurement systems designed long before cybersecurity was a priority. In fact, 52% of global manufacturing plants and factories still rely on legacy technology, making agility and predictive maintenance more difficult. Furthermore, 2024 saw a 75% increase in cyberattacks year-on-year, with the manufacturing sector emerging as the most impacted.
Legacy devices often lack encryption, role-based access control or signed firmware. When upgrading operational technology networks, it’s important to ensure that no new vulnerabilities are inadvertently created. At the same time, many organisations lack a coherent device-level cyber-resilience strategy. In reality, as few as 28% of organisations embed security into transformation initiatives from the outset, indicating that in too many cases, security is still being bolted on rather than designed in.
A regulatory push for secure-by-design
The evolving threat landscape and regulatory pressure make it clear that measurement devices must be secure-by-design. Regulatory dynamics reinforce this imperative. Emerging frameworks such as the EU Cyber Resilience Act are mandating that connected products be ‘secure-by-design’, support maintainability, and provide clear documentation of cyber risk throughout their lifecycle. These requirements align with industry-specific cybersecurity standards such as IEC 62443, which prescribe system-level controls covering access management, data integrity, and resilience.
Embedding cybersecurity at the hardware and firmware level – not just relying on network defences – is essential. Devices should incorporate encrypted data channels, certificate-based authentication, enforced password policies, auditing and patch mechanisms. Built-in security features not only help ensure regulatory alignment but also offer a competitive advantage. Devices designed with security inherently reduce risk, simplify compliance, and strengthen operational trust.
By enforcing secure defaults and disabling legacy protocols unless explicitly required, manufacturers can reduce risk without sacrificing operability or performance. When devices enforce role-based access and maintain comprehensive audit logs, they support accountability and traceability even in complex industrial environments.
From risk to resilience: building a roadmap
Phasing in these capabilities does not require a wholesale rip-and-replace of existing instrumentation. A pragmatic approach involves risk-based assessment of legacy devices, segmentation of more vulnerable assets, deployment of secure gateways or protocol bridges, and stringent access control policies. Over time, ageing devices can be replaced with next-generation, cyber-hardened alternatives, while the organisation defends against immediate threats and maintains operational continuity.
Security at the device level also unlocks strategic value. When measurement and analytics assets are intrinsically resilient, they are designed to withstand both cyber and physical disruptions through a combination of secure hardware, hardened firmware, and robust operational protocols. Resilience is achieved by incorporating encrypted data channels, certified authentication, and tamper-evident hardware. Built-in redundancy, failover mechanisms, and self-diagnostic capabilities ensure continued operation even under adverse conditions.
Role-based access control, comprehensive audit logging, and automated patch management further protect devices from misuse or compromise. As a result, these modern assets enable richer data pipelines, more advanced analytics, and smarter decision-making. Remote maintenance becomes viable, and real-time diagnostic and predictive maintenance methodologies become available. Secure, trustworthy data flows support environmental reporting, compliance assurance, and sustainability goals, turning resilient instrumentation into a strategic enabler rather than a vulnerability.
Measurement devices are the data generators that enable control and process monitoring. It is imperative that plants can trust the data these devices generate: that the device is accurate and precise, and that the transmitted data has not been compromised.
Cybersecurity as a design principle
From a risk-management perspective, the case for upgrading or replacing insecure devices is compelling. The financial and reputational costs of a cyber incident – whether via data manipulation, ransomware, or worse – can far outweigh investment in secure analytical solutions or instrumentation. Furthermore, as threat actors increasingly favour data extortion over simple encryption, the value of a secure-by-design architecture only grows.
Industrial leadership must therefore treat cybersecurity not as a downstream concern, but as a design principle. Risk assessments should explicitly evaluate field devices – not only whether they are accurate and reliable, but whether they are cryptographically secure, auditable, and maintainable. Procurement specifications must prioritise devices with embedded cybersecurity capabilities. Operations, engineering, OT, and security teams must collaborate to create a long-term roadmap for secure instrument deployment, legacy mitigation, and maintenance.
In parallel, organisations should integrate device-level resilience into broader business continuity and cyber-resilience planning. Cyber risk must be seen as integral to safety, compliance, and operational performance. Given the surge in cyber-physical incidents, industrial firms that neglect embedded device security are exposing themselves to increasingly severe operational and financial consequences.
The digital transformation of industrial measurement and analytics cannot afford to be half-baked. Connectivity, automation and analytics deliver immense value, but without a foundation of embedded cybersecurity, industrial organisations are fundamentally exposed. In a world where ransomware is growing exponentially, data theft is now the primary leverage for attackers, and regulations are tightening, embedding security at the device level is not optional; it’s strategic.
Author biography:

David Lincoln is the Global Digital Lead at ABB Measurement & Analytics, where he oversees digital transformation initiatives across the business. His work focuses on advancing ABB’s industrial solutions through the integration of cutting-edge technologies, including the deployment of generative AI capabilities into ABB products and digital offerings.