A joint report from industrial cybersecurity firm Dragos and Marsh McLennan warns that catastrophic disruptions to operational technology (OT) could impose nearly $330 billion in annual global losses in an extreme, 1-in-250-year scenario. The analysis highlights large business-interruption costs, broad supply-chain effects and growing risk to manufacturing and critical infrastructure that rely on connected OT systems.
Estimated Global Financial Toll and Methodology
Dragos and Marsh McLennan estimate total annual losses approaching $330 billion for a 1-in-250-year tail event. Within that scenario:
- Business interruption losses alone would exceed $172 billion.
- The report compares that tail risk with average figures: annual global risk of $12.7 billion and a 12-month aggregated risk of $31 billion.
The financial model draws on 10 years of breach and insurance-claims data from Marsh McLennan’s Cyber Risk Intelligence Center and factors in global supply-chain impacts and related downstream effects.
Why Indirect Losses and Business Interruption Drive Overall Risk
Dragos researchers note many organizations undercount indirect losses tied to disrupted operations and supply chains. Mark Stacey, VP of risk and resilience solutions at Dragos, said the industry often misallocates budget toward IT rather than OT.
“We see OT companies investing the majority of their cybersecurity budget on IT networks. The potential impact of business interruption (whether direct through adversary action or indirect to an abundance of caution) is often underestimated.”
The report stresses that remote-access tools and internet-connected OT increase the attack surface for manufacturing and critical infrastructure sectors.
Controls Most Associated With Risk Reduction
The analysis identifies three OT security measures most strongly correlated with lower aggregated risk:
- Maintaining a comprehensive incident-response plan
- Designing and operating defensible architecture
- Performing continuous monitoring to preserve network visibility
These controls are presented as the specific strategies linked in the report to measurable risk reduction.
Recent High-Profile Losses Illustrate the Scale of Impact
Recent incidents cited in the report and media coverage demonstrate the financial consequences of attacks that affect operations and supply chains:
- Marks & Spencer reported a roughly $400 million hit after a social-engineering incident tied to the Scattered Spider group.
- United Natural Foods said an attack linked to Scattered Spider would reduce sales by at least $350 million.
These cases underscore how cyber incidents that disrupt commerce or logistics can cascade into large financial losses.
Sectors and Operational Factors Highlighted by the Report
The report emphasizes that sectors with heavy OT dependence—manufacturing, utilities and other critical infrastructure—face rising exposure as remote-access tools and connected devices proliferate. It also notes that the full economic effect of a severe OT event extends beyond direct damage to widespread supply-chain disruption.
