Blog

  • Don’t Miss Monday’s Moon Encounter With The Largest Star You Can See

    Skywatchers will be treated to a striking celestial pairing soon after sunset on Monday, July 7, as the moon passes close to one of the largest stars visible to the naked eye.

    Now, just a few days from being full, the moon will be very bright and make stars hard to see in the night sky, but Antares won’t be missed. This red supergiant will shine to the upper right of the moon.

    Meet The ‘Rival Of Mars’

    Antares is a red supergiant star — a dying star. The 15th brightest in the night sky, it’s one of the largest stars we know of. If it was in the solar system in place of the sun, Antares would stretch all the way to between the orbits of Mars and Jupiter. According to BBC Sky At Night, Antares is 76,000 times more luminous than the sun.

    Its name means the “rival to Mars,” with ant meaning anti and Ares referring to the Greek name for Mars. It gets that name not only because it’s reddish but because Mars sometimes passes close to Antares.

    As the brightest star in the constellation Scorpius — a constellation best known for its curved “tail” — Antares is often called the “heart of the scorpion.”

    When And Where To Look And What You’ll See

    To catch this event, head outside shortly after sunset and find a clear view of the southeastern sky. The 92%-lit waxing gibbous moon will already be visible long before it gets dark, but as twilight begins, Antares will appear, glowing about four degrees above it. The moon will be around 248,145 miles (399,350 kilometers) from Earth, while Antares is about 550 light-years distant — a whopping 13 million billion times farther!

    From mid-northern latitudes, only part of the Scorpion’s body rises above the southern horizon during the summer months. But even from these latitudes, the constellation’s claws — Achrab, Dschubba and Fang — should be visible above Antares.

    Observing Tips

    All you need for this sight is your naked eyes and a clear sky to the southeast. A stargazing app like Stellarium might help you locate the stars of Scorpius.

    What’s Next In The Night Sky

    If you can rise before the sun on Tuesday, July 8, you’ll see Venus shine brightly at its highest point in the morning sky during its current apparition. Although July 8 sees its highest point, it will be easy to see in the pre-dawn darkness until around July 21.

    For exact timings, use a sunrise and sunset calculator for where you are, Stellarium Web for a sky chart and Night Sky Tonight: Visible Planets at Your Location for positions and rise/set times for planets.

    Wishing you clear skies and wide eyes.

  • Steam free download is Stardew Valley with even more fishing

    It’s at least a C+

    Steam’s latest demo offerings include a game that looks like Stardew Valley but with a much larger focus on fishing.

    With Stardew Valley now over nine years old, countless game developers have been inspired by the hit indie success.

    It feels like there’s a particularly large market for cosy games that let you live out the peaceful village life as a farmer or fisherperson.

    Misty Valley: A Cozy Fishing Tale is one such game, where you’re tasked with growing your grandfather’s old fishing business and bringing life back to the Misty Valley town.

    It’s due to release via Steam Early Access later this year, with no concrete date set yet besides Q3 2025.

    In the meantime, however, developer No Plan Games has released a free demo for Misty Valley on Steam. To download it, head to the game’s listing on Steam and navigate down to “Install Demo”.

    “Step into the Misty Valley, a tranquil, cozy fishing adventure where your journey begins with the inherited of your grandfather’s old fisherman’s house,” reads the official description on Steam. “The valley, once full of life, now lays quiet and forgotten. Armed with a fishing rod, and an indomitable spirit, your task is clear: bring the valley back to life! Dive into serene waters, uncover hidden treasures, and restore the abandoned harbor and fish market to their former glory.”

    It continues, “As you discover rare and legendary fish, you’ll slowly unlock the rich history of the valley, forming bonds with its quirky inhabitants and witnessing its revival. Ready to cast your line and restore the valley’s lost charm?”

    The Misty Valley demo features a small slice of gameplay, with a partially-accessible ocean, limited fishing range, and a small introduction to the townsfolk and social aspects of the game.

    Aside from that, keep an eye on the game’s store page for any updates regarding the release date.

    With a rough window of Q3 2025, we’ll probably hear about it sooner rather than later.

    Featured Image Credit: No Plan Games

    Topics: Indie Games, Stardew Valley, Steam, PC

  • Pakistani Fantasy Epic Umro Ayyar: A New Beginning Screens at SCO Film Festival in China

    YONGCHUAN – Fantasy action film Umro Ayyar: A New Beginning captured international attention at the prestigious Shanghai Cooperation Organization (SCO) Film Festival in China.

    Produced by VR Chili Production, the film is being hailed as a bold step forward in Pakistan’s cinematic storytelling and genre innovation. Inspired by legendary trickster-hero Umro Ayyar from classical Persian and Urdu literature, the film blends South Asian folklore with high-octane action, modern visual effects, and a compelling narrative that bridges tradition with contemporary cinematic style.

    Umro Ayyar marks one of the first times a Pakistani film has entered the global fantasy action arena with a fully realized superhero grounded in local mythology. Its selection at the SCO Film Festival not only showcases Pakistan’s creative capabilities but also reflects the growing appetite for culturally rooted stories that resonate with a global audience.

    Festival representatives called it more than just a film screening, as it is a powerful cultural exchange. Umro Ayyar brings something fresh to the fantasy genre, a unique voice that reflects the heritage, values, and imagination of the region.

    The film’s reception at the festival sparked excitement among viewers and critics alike, with many praising its production quality, storytelling depth, and the ambition to create a homegrown cinematic universe.

  • Pakistan: Deaths from Karachi building collapse rises to 26 – ANI News

    1. Pakistan: Deaths from Karachi building collapse rises to 26  ANI News
    2. Footprints: Hope beneath the rubble  Dawn
    3. Death toll rises to 14 in Karachi building collapse  Ptv.com.pk
    4. Most Lyari victims belong to Hindu community  The Express Tribune
    5. Hope for more survivors begins to fade as Karachi building collapse death toll reaches 25  Dunya News

  • Surrey County Council announces trial recycling booking system

    An online booking system to improve community recycling centre services (CRCs) is being launched by Surrey County Council.

    The council said the initiative, due to run between 11 August and 10 November, is for residents at the Camberley and Lyne (Chertsey) CRCs.

    It added the scheme was being trialled to ease congestion at peak times and help the local authority manage the CRCs more effectively.

    Natalie Bramhall, cabinet member for property, waste and infrastructure, said: “We’ve seen booking systems at CRCs introduced by councils in other areas of the country with great success and would like to trial a system of our own.

    “We will continue to listen to residents and businesses to help shape the CRC service to make it as easy and effective as possible for Surrey residents.”

    The council added that following the trial, the booking system would be evaluated and residents asked for feedback.

    Slots will be available to book two weeks in advance, with the system going live on 28 July.

    Residents can make up to 10 appointments per month with each slot lasting 15 minutes.

    The council has confirmed that until 11 August residents can still visit both CRCs as usual, and no other CRCs will be impacted by the system.

  • ‘Rainbow’ in space? NASA’s PUNCH mission reveals a dazzling view

    NASA’s newest solar research mission is already producing some amazing outcomes. The PUNCH, or Polarimeter to Unify the Corona and Heliosphere, mission, which was launched on March 12, 2025, is a set of four small satellites working together in low Earth orbit to study the sun’s outer atmosphere and solar wind. Within weeks of launch, it sent back its first set of images, including a colourful and unusual “rainbow” view of a faint glow, caused by sunlight scattering off dust in space, that has rarely been seen before. These early images are scientific and have quickly caught the attention of space enthusiasts due to their unexpected beauty. One image, taken on April 18 by the WFI-2 instrument, shows a soft gradient of red, green, and blue light against a starry sky. The image shows how the spacecraft measures different wavelengths of light and the direction in which that light has been polarised by particles in space.

    The new moon appears full in this image because it is illuminated by Earthshine, sunlight that is reflected onto the moon from Earth

    A rainbow in space

    This image isn’t a real rainbow, but a false-colour representation of polarised light from space dust. The colours, including red, green, and blue, reflect different polarisation angles that help scientists understand how light scatters off interplanetary particles. As NASA said in a SwRI press release, “The image is colorised to show the polarization (or angle) of the zodiacal light, a faint glow from dust orbiting the sun.” These early images help scientists confirm that the instruments are working correctly and are ready for more detailed solar observations.

    Seeing the moon in a new light

    Another exceptional moment happened on April 27, when one of PUNCH’s cameras, the Narrow Field Imager (NFI), spotted the new moon passing near the sun. To see this clearly, the NFI used a special cover called an occluder to block out the sun’s bright light. In the image, the moon looks full even though it was technically a new moon. That’s because of something called “Earthshine”, or sunlight bouncing off Earth and lighting up the moon’s dark side. This helped scientists make sure the moon won’t get in the way of PUNCH’s future views of the sun’s outer layers.

    On April 16, two of the other PUNCH satellites, WFI-1 and WFI, also captured the soft glow of zodiacal light. Through their wide-angle view, they picked up some famous sights in the night sky, like the Hyades and Pleiades star clusters, the Andromeda galaxy, and the Cassiopeia constellation. These early images are helping scientists fine-tune the instruments, but they also show just how sensitive PUNCH is as it can spot even the faintest details way out in space.

    SPHEREx joins the ride

    Launched alongside PUNCH aboard a SpaceX Falcon 9 rocket from Vandenberg Space Force Base, SPHEREx is another NASA mission with big goals. Unlike the James Webb Space Telescope, which zooms into distant objects, SPHEREx will scan the whole sky in 102 infrared colours. As Nicky Fox, associate administrator for NASA’s Science Mission Directorate, said in a SPHEREx briefing, “We are literally mapping the entire celestial sky in 102 infrared colors for the first time in humanity’s history.”

    Photo: NASA/SwRI


  • Best Prime Day fitness tracker deal: The Garmin Fenix 7 is 44% off at Amazon

    SAVE $400: The Garmin Fenix 7 fitness tracker is on sale at Amazon for $499.99, down from the list price of $899.99. That’s a 44% discount and a new record-low price at Amazon.


    We’re on the heels of an exciting Prime Day. This year we get four full days of shopping to find the best Apple deals, outdoor gear upgrades, and finally replacing those uncomfortable earbuds. If you have summer adventures planned or you’re looking to keep better tabs on your fitness metrics, there’s an especially great deal that’s already live on a fitness tracker.

    As of July 6, the Garmin Fenix 7 fitness tracker is just $499.99 at Amazon, marked down from the list price of $899.99. That’s a major 44% discount that takes $400 off the smartwatch. It’s also a new record-low price at Amazon by a long shot.

    Summer is the perfect time to get into a new fitness routine. With better weather and longer daylight hours, it can be a great way to set a new schedule that involves a focus on health. Whether you’re taking longer walks around the neighborhood or heading into the mountains to set a new trail record, the Garmin Fenix 7 is packed with useful features.

    For starters, who couldn’t use a built-in flashlight on their wrist? On the trail, this is incredibly useful for digging into your backpack to find that (probably melted) chocolate bar. At home, it’s a great way to avoid tripping on the dog during the midnight bathroom trip. The strobe function is gonna come in handy during winter runs at 5 p.m. when it’s completely dark out. But of course, the Garmin is packed with fitness tracking features, too.

    On your wrist, you’ll have access to heart rate data, pulse Ox levels, and sleep metrics. Each morning, the Garmin will give you a daily report that discusses training readiness for the day. Plus, the Garmin Fenix 7 is capable of solar recharging. But you shouldn’t need that too often since the watch can get up to 22 days of battery on a single charge when in smartwatch mode.

    Since it’s down to a super low price at Amazon, it’s probably wise to jump on this Garmin Fenix 7 deal before Prime Day takes hold. There’s no telling when Amazon will decide to bump up the price while lowering others during the longest Prime Day sale ever.

  • Texas floods: at least 69 people dead, officials say, as search goes on | Texas floods 2025

    Death toll from Texas flooding rises to nearly 70, officials say

    The death toll from the Texas floods rose to nearly 70 overall on Sunday, with 59 people dead in Kerr County, officials said. The additional numbers are from outlying areas.

    The number of missing girls from Camp Mystic has gone down to 11, from an original 27 missing.

    The National Weather Service has extended its flood watch through 7 p.m. central time for central Texas.

    The Service warns that additional rainfall of two-to-four inches is possible, with “isolated pockets of 10 inches” also possible. “It is very difficult to pinpoint where exactly the isolated heavy amounts will occur in this pattern,” the National Weather Service posted on X.

  • Wallabies kick off 2025 campaign with hard fought Fiji win

    The Wallabies have claimed victory in their first Test for 2025 after a Harry Wilson try in the 79th minute sealed a 21-18 win over Fiji at McDonald Jones Stadium.

    In front of a record rugby crowd of 28,132 in Newcastle, the Wallabies raced to a 14-0 lead but were forced to dig deep after a second half barrage from the Flying Fijians.

    The tourists swept to the lead with 25 minutes remaining after scoring 18 unanswered points before Wilson’s late, spinning move close to the line steered the Wallabies home.

    The Wallabies were hungry for early points and nearly found their way through Harry Potter, who just couldn’t collect the cross-field kick.

    It reflected a first half dominated by the hosts, who couldn’t capitalise on their opportunities, with several tries disallowed.

    Dave Porecki got Australia on the board via the rolling maul after Langi Gleeson was held up. Eight minutes later, Potter was denied again after the final pass from Tom Wright was judged to have travelled forward. The Wallabies were controlling territory but had another try disallowed for a crooked lineout throw.

    The pressure eventually delivered points when slick hands from centres Len Ikitau and Joseph-Aukuso Suaalii created the space for Fraser McReight to dive over.

    With the hosts in control, an errant kick right at half time gave Fiji a chance to counter as Salesi Rayasi went over to reduce the lead to 14-5 at the break.

    The second half started as the first began with another Wallabies try denied – this time to Max Jorgensen after a forward pass from Wright to Harry Potter, who chipped ahead for his fellow winger.

    This provided the window for Fiji to hit back, starting with a Caleb Muntz penalty to reduce the margin to under a converted try.

    The door was then opened for winger Jiuta Wainiqolo to produce some magic to put the visitors in front. The Toulon winger collected the ball inside his 22 and broke through multiple defenders before throwing a magic offload for Lekima Tagitagivalu to dive over in the corner.

    With all the momentum, Fiji looked to have scored again through Sireli Maqala, however, the hosts were saved after Potter’s foot was in touch before the turnover.

    It went from bad to worse for the hosts after a nasty whiplash incident left flyhalf Noah Lolesio injured in the build-up.

    Another Fiji penalty extended the margin to four points as the hosts held tough in defence.

    The Fijians threw everything trying to seal the win as the Wallabies kept forcing turnovers.

    It gave them a last chance to find a winner as several penalties put them on the five-metre line.

    Up stepped the captain, spinning his way over the line and finding the chalk with 90 seconds to go for the winner.

    Wallabies 21 (Porecki, McReight, Wilson tries; Lolesio 2, Donaldson conversions) defeated Fiji 18 (Rayasi, Tagitagivalu tries; Muntz conversions; Muntz 2 penalties)

    2025 Wallabies Tests

    Wallabies 21 defeated Fiji 18 on Sunday July 6 at McDonald Jones Stadium, Newcastle

    British & Irish Lions Tour

    Wallabies v British & Irish Lions at 7:45pm AEST on Saturday July 19 at Suncorp Stadium, Brisbane

    Wallabies v British & Irish Lions at 7:45pm AEST on Saturday July 26 at Melbourne Cricket Ground, Melbourne

    Wallabies v British & Irish Lions at 7:45pm AEST on Saturday August 2 at Accor Stadium, Sydney

    The Flight Centre Rugby Championship/Bledisloe Cup

    Wallabies v South Africa at 1:10am AEST on Sunday August 17 at Emirates Airline Park, Johannesburg

    Wallabies v South Africa at 1:10am AEST on Sunday August 24 at DHL Stadium, Cape Town

    Wallabies v Argentina at 2:30pm AEST on Saturday September 6 at Queensland Country Bank Stadium, Townsville

    Wallabies v Argentina at 2:00pm AEST on Saturday September 13 at Allianz Stadium, Sydney

    Wallabies v New Zealand at 3:05pm AEST on Saturday September 27, Eden Park, Auckland

    Wallabies v New Zealand at 5:45pm AWST on Saturday October 4 at Optus Stadium, Perth

    Spring Tour

    Wallabies v Japan at TBC on Saturday October 25 at National Stadium, Tokyo

    Wallabies v England, at 2:10am AEDT on Sunday November 2 at Allianz Stadium, London

    Wallabies v Italy at 4:40am AEDT on Sunday November 9 at TBC

    Wallabies v Ireland at 7:10am AEDT on Sunday November 16 at Aviva Stadium, Dublin

    Wallabies v France at 7:10am on Sunday November 23 at TBC


  • Need to develop OT cybersecurity programs to bridge IT and engineering cultures, defend from cyber threats

    Mature OT cybersecurity programs extend beyond perimeter defenses, with an emphasis on deep visibility, continuous risk assessment, and strong governance reflecting the unique conditions and needs of OT (operational technology) environments. The roadmap accounts for legacy systems, scattered industrial installations, multilayer network segmentation, secure remote access to the plant, and asset inventories that are up to date, even as critical equipment ages. But most industrial companies are still stuck using legacy risk models designed for the way our systems used to be, rather than the way they are today. The problem remains, however, that most, if not all, of the installed base is not hardened against modern threats, including ransomware, nation-state attacks, and supply chain compromise, which leaves critical industrial environments at risk.

    As cyber threats and attacks increasingly become physically and geographically charged, the responsibility for OT cybersecurity is being redrawn. Formerly the responsibility of control engineers and plant managers, OT security is now the responsibility of CISOs and enterprise security teams. This is not a smooth transition. For those environments that are intolerant of downtime, where production outages are not only cost-prohibitive but physically intolerable, the concept of chaos can seem like anathema to traditional security teams who have been weaned on IT-centric ‘patch and reboot’ playbooks. Even worse, these environments are not simple to secure while still servicing production workloads, requiring expertise, patience, and coordination.

    Building OT cybersecurity programs must also deal with the pressure of cultural gaps between IT security practitioners and OT teams. Engineers may see security controls as impediments to safety or productivity, just as security teams may not recognize how arcane industrial systems are. These disconnects can throw even the most well-considered programs off track, creating a breach for attackers to take advantage of unguarded paths. 

    The CISOs, sometimes now charged with protecting OT, are ill-prepared to make this cross-cultural and technical leap. Policy updates will not be enough to ensure organizational success. Effective OT cybersecurity programs require recognizing the operational significance of cyber investments, investing in developing the required skills, and leadership that understands the mission to keep production on while recognizing the need for increased protection as the threat environment continues to change. Anything less risks getting industrial cybersecurity mired in the past.

    What makes a mature OT cybersecurity program?

    Industrial Cyber reached out to industrial cybersecurity experts to explore what defines a mature OT cybersecurity program today. They also look into why so many industrial organizations still fall short of that standard.

    Jeff Johnson, OT cyber program lead at MorganFranklin Cyber

    Jeff Johnson, OT cyber program lead at MorganFranklin Cyber, told Industrial Cyber that a mature program should have holistic cybersecurity management that defines governance, roles, and process life cycles. It should follow a risk-based architecture using ISA/IEC 62443-3-2 for risk assessment and set security-level targets, with zoning and segmentation based on the Purdue Model or operational needs. Secure-by-design principles should be built into future architecture as a standard. 

    He also identified that throughout the ICS/OT lifecycle, product-level controls should enforce defense-in-depth, least privilege, and availability requirements, with security by design integrated into any new infrastructure from the outset. Finally, continual improvement through regular assessments, patching, monitoring, and incident readiness is essential.

    On why most industrial organizations lag, Johnson pointed to legacy ecosystems that dominate with proprietary protocols and limited patching capabilities. OT teams are wary of changes that risk availability or safety: ‘This is the way we’ve always done it.’ He also cited complexity and cost, as formalizing cybersecurity management systems, asset inventories, segmentation, and secure procurement gets pushed to the back burner. Additionally, these older devices are expensive and, in most cases, unnecessary in their eyes, from a productivity perspective.

    Dino Busalachi, director for OT cybersecurity at Barry-Wehmiller Design Group

    Dino Busalachi, director for OT cybersecurity at Barry-Wehmiller Design Group, told Industrial Cyber that mature programs share several key characteristics. Mature organizations typically adopt a security framework, such as NIST, IEC 62443, or NERC CIP, and integrate it across their operations.

    He added that a critical gap often emerges when organizations fail to communicate their OT cyber strategy to key suppliers. CIO and CISO leadership need to build stronger relationships with original equipment manufacturers and system integrators, since these suppliers serve as the primary delivery teams responsible for bringing OT assets into manufacturing environments. Beyond designing and building these OT systems, they also handle ongoing support and maintenance, making their involvement essential.

    Busalachi added that many IT departments have chosen their cybersecurity path without incorporating the broader OT ecosystem, both internally and externally. “This siloed approach prevents organizations from reaching the maturity level required to improve their cybersecurity programs effectively.”

    Jason Rivera, Co-Founder & CEO, Cabreza

    “A mature program is one with clear expectations, executive support, defined governance, collaborative culture, smart resourcing, dedicated OT security policies, controls and procedures, fit-for-purpose tools, measurable outcomes, a roadmap, and repeatability,” Jason Rivera, co-founder and CEO at Cabreza, told Industrial Cyber. “Any organization can get wrapped around the axle of one of those topics, but if they’re willing to collaborate, communicate, and compromise, maturity gains can be achieved.”

    Kevin Kumpf, OT/ICS Strategist, Hard Hat Cybersecurity Services LLC

    “What defines a mature OT cybersecurity program is having a grasp on the people, process, and technologies (including third parties) that make a business function in a safe and secure manner,” Kevin Kumpf, OT/ICS Strategist at Hard Hat Cybersecurity Services, told Industrial Cyber. “It includes C-Level leadership, IT, OT, change management, and third parties all working together and truly understanding the safety, availability, integrity, and confidentiality of their systems and their physical infrastructure.”

    Kumpf said that most organizations have not achieved this because it is costly, and many organizations are outsourcing resource-driven work, using contractors to maintain systems and physical plants. “Outsourcing not only task-driven menial roles but also expertise-focused roles as well. While this produces cost savings on the bottom line, it sacrifices safety and security overall.”

    Outdated risk models continue to weaken OT cybersecurity defenses

    The executives address whether today’s OT cybersecurity programs are truly prepared to defend against modern threats like ransomware and nation-state attacks, or if they’re still relying on outdated risk models that can no longer keep up.

    Johnson said that most organizations are in the process of rationalizing what OT means to their risk, business, and bottom lines. While ‘traditional OT verticals’ (utilities, etc.) tend to have more experience than most, the real challenge is creating space for a different kind of security within non-traditional verticals (healthcare, fintech, telecom, etc.).

    “This assumes that there is an OT cybersecurity program in place in the first place, focusing mainly on safety, downtime, and compliance, and underestimating cyber-physical attack vectors,” according to Johnson. “Modern threats have evolved fast: ransomware now includes extortion, disruption, and kinetic consequences. Gaps remain, as until ISA/IEC 62443 frameworks are fully applied, especially zones, monitoring, and SL-T enforcement, as many OT programs remain vulnerable.”

    Busalachi sees a technology readiness vs. implementation issue, as cybersecurity technologies continue to advance and mature, but the problem lies with end users (asset owners) who are not moving the needle on implementation. 

    He added that proven frameworks remain valid. The SANS 5 OT Cybersecurity Critical Controls are not outdated and provide solid foundations, including defensible architecture, incident response, secure remote access, continuous monitoring, and vulnerability and risk management. 

    When it comes to critical visibility gaps, Busalachi identified that too many organizations fall short on OT asset discovery. “Many claim they want 100% visibility without understanding what this process truly means. There’s more to a plant than capturing only North-South traffic. The East-West traffic controls are equally critical for comprehensive security.”

    Rivera said, “Unfortunately, probably not. A small manufacturer may be better equipped through a few smart, tactical decisions than a global distributor with politics, risk aversion, or special interests prevailing over site defense and resilience measures. This is what happens in the absence of meaningful, sector-specific standardization and benchmarking, apart from maybe the energy sector, with NERC-CIP.”

    “That said, one issue with all the risk models is when they end up suggesting untenable efforts focused in one direction, causing the classic front door closed, back door wide open scenario,” he added. “That’s why I advocate for capability-based prioritization: Determining what can be done now, to get to next, and what can be done later, by when. The best equipped OT security programs are also built with achievability in mind, as well as risk reduction, and an unwavering tether to business and security resilience.”

    Kumpf said that while the programs / regulatory standards themselves are attempting to align with cyber threats and risks, the organizations themselves are lacking a true understanding of what their risks truly are.

    “As an example, while many organizations know what systems control OT resources, they do not have the depth of understanding on the interconnection of that system to others or how it impacts both upstream and downstream people, process, technologies, supply chain, etc.,” according to Kumpf. “Without clearly defined baselines, interconnectivity models, business risk quantifications, etc., there is no way to truly define a proper risk model.”

    Industrial cybersecurity sees changing lines of responsibility

    The executives examine who traditionally owns OT cybersecurity within industrial organizations, and how that ownership is shifting as cyber risks grow more physically and geopolitically charged.

    “OT security historically has sat with plant engineering or operations teams—aligned to safety/process reliability. And from what I’m seeing, the majority still do,” Johnson said. “However, I do see a shift underway where CISOs, or embedded OT security leads, are now increasingly leading programs supported by cross-functional governance boards (OT Centers of Excellence in some cases).” 

    He added that cyber risk is rapidly merging with physical and geopolitically driven threats. Centralized cyber oversight ensures a coherent risk posture spanning IT, OT, supply chain, and geopolitical contingencies.

    Busalachi said that ownership varies by sector. In critical infrastructure organizations, OT teams usually take responsibility for OT cybersecurity. However, they face significant challenges with limited resources and budget, especially in smaller organizations and municipalities.

    He also identified an authority vs. responsibility disconnect. “IT departments may have cybersecurity responsibility, but they lack authority in OT environments. Ultimately, OT teams own the OT assets, not the other way around.”

    On the engagement imperative, Busalachi said that IT leadership must decide whether to engage the OEMs and system integrators who are the primary deliverers of OT assets on the plant floor. “If these groups aren’t providing a clear path forward for their clients (OT asset owners), there’s a critical gap. IT is not currently engaging them effectively.”

    “The CISO or CSO usually ‘owns’ programs, but that’s not to say they call every shot, or should. The most accountable and responsible parties need to listen, ask questions, and collaborate to prevent their program from dying on the vine,” Rivera said. “So, the evolved successful model of ownership is distributed between global security and the local, more operational teams.”

    Kumpf said that cybersecurity risk is owned at the Board and C-suite level. “The C suite is responsible for the execution of the program, and in most organizations, this aligns to a CISO of IT. While some high areas of critical infrastructure (oil and gas, power, air and rail, etc) have an OT CISO, it is not the norm.”

    “Implementation of the program resides with the plant manager or operational management of an OT area. There is a disconnect between this level and the levels above in nearly every organization I have worked with,” according to Kumpf. “There are not two communications, and this inhibits the true flow of information regarding physical and geopolitical risks. A CISO does not know where things are produced at the intimate level of a plant manager. A CISO does not understand the physical consequences of not having redundancy in core systems and why, in many instances, you cannot (digital twins are attempting to become a solution to this).”

    Coping with cyber risk in downtime-averse OT environments

    The executives explore how organizations are managing visibility and risk in legacy-heavy OT environments where downtime is intolerable and many assets remain difficult to identify.

    Johnson said that organizations often start with asset inventory, using agentless discovery and network traffic analysis to map devices without disrupting operations. Risk-prioritized segmentation is then enforced through zoning and conduits to limit lateral movement. 

    Where patching is impossible, Johnson leaned towards deploying hybrid compensating controls, including DMZs for devices that require both OT and IT access, along with firewall rules and other network-based protections. Finally, continuous monitoring and incident response provide situational awareness through network detection and response, anomaly detection, and response plans aligned with service-level agreements.

    Busalachi said that maturity levels vary significantly, as less than 80% of organizations are mature enough to have developed comprehensive metrics. “Some sophisticated clients use Overall Equipment Effectiveness (OEE) to benchmark and improve manufacturing productivity.”

    On the OT cybersecurity value proposition, he added that many organizations fail to realize these technologies actually help prevent events that cause unplanned and unscheduled downtime, improving OEE and overall operational efficiency.

    “Well, organizations with programs should have control (and compensating control) criteria and requirements established for asset, detection/monitoring, and risk management,” Rivera said. “They’re entity-level exercises with outcomes that can be iterated on as people and technologies change. But for the organizations that just passed ‘Go’ and grabbed a tool off the shelf, they’re probably not managing well.”

    “The only absolute way you can resolve this is to walk the plant floor and take a physical inventory. Once that inventory is collected, you need to ensure it is given to an owner (not an outside third party) who will continually update, maintain, and control its existence,” according to Kumpf. “You need to understand the who, what, when, where, and why of the asset. Who owns it, what it does for the organization, when it is used (nonstop running, once a week, etc.), where it is located and how it is connected/accessed, and why the organization needs it (can another device already in place do the same function or task). Lastly, you need to understand its BIA/BCP if that device has an event/issue.”

    Misaligned cultures threaten industrial security programs

    The executives look into the cultural disconnects that exist between operations and cybersecurity teams, and how these tensions impact the success or failure of security initiatives.

    Using the ‘Apples and Oranges’ analogy, Johnson said that OT leaders emphasize uptime and safety; cyber teams emphasize defense and confidentiality. “Both are good on their own, but I don’t want warm orange juice with spices in the fall, or cold apple juice with my cereal in the morning.” 

    “OT sees cyber as a threat to physical continuity, especially when misconceived as IT-centric. Cyber side frames standards/tools in IT jargon, while OT values safety, functional continuity, and risk-driven practices,” according to Johnson. “This friction leads to stalled segmentation, delayed patching, and token compliance. Using ISA/IEC 62443’s shared language—zoning, risk scores tied to operational impact, measurable controls—to translate requirements into operational benefits for both sides, you can bridge the gap and provide a win for everyone.”

    Highlighting the visibility problem, Busalachi said that too often, “when visiting manufacturing facilities to tour plant floors (OT environments), it’s the first time many IT team members (infosec, networking) have been onsite. In many cases, they haven’t visited the plant in years or have never been on the plant floor to review industrial control system architecture, applications, infrastructure, and networks.”

    He added that IT departments have significant blind spots related to OT environments. “The critical question is – what is IT’s relationship with internal OT teams and their third parties (vendors, OEMs, and system integrators)? If these relationships don’t exist, cybersecurity initiatives will inevitably fall short.”

    “Disconnects in responsibilities, expectations, decisions, risks, and feedback loops are going to happen. They can become some of the most defining moments of an organization’s OT security journey,” Rivera said. “But they’re also where the juiciest work is, which pays off greatly for any organization serious about doing OT security the right way. It’s important to learn from them and continuously strengthen relationships. On that note, incentivization models go a long way.”

    Noting that there is a disconnect between plant-level operations and the C-suite, Kumpf said that “They do not have a true voice or advocate at the table. People at the C-level are dollar and risk-driven. Can we do it cheaper (put things in the cloud, outsource, etc.) and by the need to automate security through instant patching, AI-driven threat mitigation, shutting down systems that are outdated?”

    “I equate this to the vision of the smartphone in today’s world. Why do you need a phone, camera, computer, desk calendar, etc., when you can do it all in one device (IT thinking)? OT is not built like that,” Kumpf added. “You would not expect a photographer you hired at a special event to show up with a cell phone and begin to take pictures or a person you paid to build you a custom cabinet to just go to a home improvement store and buy one, and just add hardware you selected.”

    He also mentioned that OT is driven by many unique processes and situations. “There is always room to improve and streamline, but every plant and OT operation is unique and with its own challenges. It is not a ‘one size fits all.’”

    CISOs struggle to bridge IT-OT cyber divide

    The executives assess whether CISOs are well-positioned to lead OT cybersecurity efforts or whether a cultural and technical divide between IT and OT still hinders effective leadership. 

    “CISO leadership is increasingly essential as they bring board-level visibility, governance expertise, and a holistic risk mindset,” Johnson said. “However, many CISOs lack deep OT fluency, without operational credibility, and OT teams resist their guidance.” He added that CISOs with dedicated OT deputies or cross-functional steering committees bridge domain knowledge gaps. “CISOs must speak OT’s language— connecting cyber measures to safety, reliability, and business continuity.”

    Stating that the clear answer is ‘no,’ Busalachi said that CISOs are not well-positioned to lead OT cybersecurity efforts if they’re not engaging the external OT ecosystem operating in their manufacturing facilities. “This engagement gap represents a fundamental barrier to effective OT cybersecurity leadership. The technical and cultural divide between IT and OT continues to hinder progress until leadership bridges these gaps through meaningful engagement with all stakeholders in the OT ecosystem,” he added.

    Rivera said that barring a substantial rise in CSO surpassing CISO roles within industrial organizations, “the CISO is the best positioned to lead, even despite being classically trained in IT security first. If there is some great divide, that’s the CISO allowing that kind of culture to exist, and they need to address it.” 

    He concluded that every moment of division is really just a moment for collaboration that’s lost its way.
