A New Pressure Point for Industrial Operators
In October 2025, Microsoft ended its support for Windows 10, adding yet another unsupported platform to the list that OT environments quietly continue to run. A familiar problem getting harder to ignore, adding to the dilemma we covered last year. TXOne Networks has now completed its second annual survey, taking input from 550 senior decision-makers across France, Germany, Italy, Poland, Sweden, and the UK. The picture it paints is one of deepening exposure, rising incidents, and an industry beginning — slowly — to respond.
Legacy Windows Is Still the Backbone of Many OT Environments
Despite years of modernisation efforts, legacy Windows platforms remain deeply embedded across European industrial infrastructure:
- Six in ten organisations report that legacy Windows makes up at least half of their OT environment
- One in six say more than 75% of their operational infrastructure depends on legacy Windows
The reasons are largely unchanged from 2025. The top barriers to replacing legacy systems:
- Compatibility with legacy equipment: 54%
- High cost of replacement: 38% (down from 45% in 2025)
- Downtime risks associated with upgrades: 35%
- Lack of vendor support for newer systems: 21%
The drop in cost concerns from 45% to 38% may reflect growing awareness that dedicated protection is a more viable near-term path than full system replacement.
Incidents Are Rising
51% of organisations experienced cybersecurity incidents involving legacy Windows systems in the past 12 months, up from 43% in 2025. For nearly one in four, those incidents occurred more than once.
Incident rates by country:
- Sweden: 72%
- Poland: 68%
- UK: 64%
Incident rates by sector:
- Food & Beverage: 70%
- Semiconductor: 70%
- Energy: 61%
The leading threat concerns:
- Malware and virus infections: 56%
- Unauthorised access: 38%
- Ransomware: 37%
- Lack of patching or updates: 33%
The Problem of Security Deployment Without Operational Disruption
43% of respondents cite potential system performance impact as their top concern when implementing security, and 39% worry about conflicts with OT applications. These concerns are understandable, as most available security tools were built for IT environments, not production floors where any disruption is liable to have direct operational consequences.
Other implementation concerns:
- Endpoint protection adoption fell from 51% in 2025 to 39% in 2026, likely reflecting recognition that conventional IT endpoint tools can conflict with OT operations
- 18% of respondents are concerned about the lack of sufficient expertise to configure OT security solutions, up from 13% in 2025
The Cost Calculation Is Shifting
55% of respondents now believe implementing cybersecurity solutions for legacy systems costs less than upgrading them. 60% plan to invest in dedicated legacy Windows protection — rising to 68% among organisations that have already experienced an incident.
Top criteria when evaluating solutions:
- Proven effectiveness in protecting legacy systems: 45%
- Cost-effectiveness: 45%
- Ease of implementation without disrupting operations: 43%
What to Look For
The report identifies three capabilities that matter most:
- Operations must not be disrupted. The right solution deploys without modifying legacy systems, without requiring maintenance windows, and with hardware bypass so production traffic continues even during security system failure.
- It must support the operating systems already in place. That includes Windows XP, Windows 7, and Windows 2000. Any solution that requires an OS upgrade misses the point entirely.
- Network and endpoint protection need to work together. Most organisations run separate tools for monitoring, segmentation, and endpoint protection. The gaps between those tools are where incidents happen.
TXOne Networks: Built for These Environments
More than 3,600 organisations worldwide rely on TXOne Networks to protect their OT environments. For legacy Windows protection:
- TXOne Stellar provides endpoint protection across Windows 2000 through Windows 11 and Windows Server 2025, with committed support through at least 2031. One agent, one console, covering 25 years of Windows versions.
- TXOne Edge and EdgeIPS deliver network-level intrusion prevention across 180+ industrial protocols, with hardware bypass built in.
- TXOne Sennin provides centralised management across both, eliminating the fragmentation the survey identifies as a core risk.
All deploy without modifying existing systems, without production shutdowns, and without interfering with OT applications.
Download the full 2026 Legacy OT Cybersecurity Report to explore the complete data across all six countries and eight industry sectors.
Related Article:
