For many years, Industrial Control Systems (ICS), or Operational Technology (OT), have been relatively safe from cyber attacks. The control and telemetry systems used in industrial plants and manufacturing environments were typically placed on isolated or “air gapped” communication networks, and the systems themselves were based on highly specialized operating systems which were difficult to attack because they were relatively obscure and unknown to most attackers. All of this is changing. Control system architectures are being connected to traditional enterprise IT networks (Ethernet, Wi-Fi, etc.), and device manufacturers are building OT devices and control systems on top of common operating systems such as Windows, Linux, Android, and VxWorks. These changes increase the risk that control systems can be compromised by the same kind of attacks used to compromise devices on corporate IT networks. According to a commissioned study conducted by Forrester Consulting on behalf of Armis, 66% of manufacturers have experienced a security incident related to IoT devices over the past two years. This white paper explores the cybersecurity challenges in manufacturing and industrial environments and proposes ways to address them.