Kaspersky's approach to measuring the cost of weak OT security

Kaspersky's new OT cybersecurity calculator focuses on expressing cyber risk in business and financial terms rather than technical language.

Cyber Security Ransomware Email Phishing Encrypted Technology, Digital Information Protected Secured

Industrial companies are facing a growing problem when it comes to cybersecurity: the cost of getting it wrong is rising, but the cost of getting it right is also harder to justify.

Security teams often understand the risks in technical terms, while board members tend to look for clear financial reasoning before approving spending. This gap can make cybersecurity a difficult topic to move forward, even when the threat is real.

Kaspersky has introduced an online calculator to help industrial firms put numbers behind operational technology (OT) cyber risks. The tool focuses on estimating the financial impact of bad OT security, providing decision-makers with a clearer picture of how much a breach could cost the business.

At a time when cybersecurity budgets are under pressure and security spending is being scrutinized more closely, a tool like this may help organizations assess whether the cost of investing in OT security is justified when compared with the potential financial damage of an incident. Instead of relying only on technical risk assessments, the calculator frames cyber exposure in terms that are easier to weigh against other business expenses.

This approach matters as industrial systems become more connected. According to VDC Research, more than 60% of industrial companies reported major costs associated with cybersecurity incidents last year. These costs can include production downtime, safety risks, recovery work, and reputational damage.

Even so, security funding often competes with other priorities because the financial impact of cyber incidents is not always clear at the board level.

The calculator is designed to help close that gap. Companies can provide information such as their industry, region, firm size, breach history, and current security policies. Based on this data, the tool estimates potential losses associated with OT cyber incidents and outlines where stronger security controls could decrease those risks. It also compares results to industry benchmarks to show how an organization's exposure compares to its rivals.

Because the output is structured in financial terms, the tool could also help security teams explain cybersecurity risks to board members and senior leaders in a language they are more familiar with. Instead of abstract threat scenarios, it provides cost estimates to help influence discussions about risk, priorities, and investment decisions.

By shifting the conversation from technical weaknesses to potential business impact, the calculator is intended to support clearer internal discussions about where cybersecurity fits into overall risk management.

"We believe this calculator is a powerful resource for transforming complex cyber risk data into straightforward financial insights. It enables OT leaders, security professionals, and executive teams to develop clear, data-driven business cases and recognize the value of cybersecurity investments. With actionable guidance, it promotes a comprehensive approach to resource management and strengthens overall organizational resilience," Andrey Strelkov, Head of Industrial Cybersecurity Product line at Kaspersky commented.