UrsaClimb Logo

'Richter Scale' Model Measures Magnitude of OT Cyber Incidents

Dark Reading
by Kelly Jackson Higgins
February 25, 2026
AI-Generated Deep Dive Summary
A new scoring system, inspired by the Richter Scale used to measure earthquake intensity, has been developed to assess the impact of operational technology (OT) cybersecurity incidents. This OTI Impact Score aims to provide a standardized way to evaluate the severity, reach, and duration of cyber events affecting OT environments, offering clarity for decision-makers like businesses, governments, insurers, and media. The model was created by Dale Peterson, co-founder of Digital Bond, and Munish Walther-Puri from TPO Group. It addresses the challenge of understanding the true impact of OT incidents, which are often either overstated or underestimated. By focusing on three key factors—severity (ranging from minor disruption to catastrophic destruction), geographic spread, and duration—the OTI Impact Score provides a quantitative measure for response efforts, such as allocating resources and investigating cyber-insurance claims. The system is particularly relevant given that while severe OT attacks remain rare, many organizations have experienced disruptions linked to OT or IoT systems. For instance, an IT network ransomware attack can cascade into operational issues, like the 2023 Clorox incident. The OTI model distinguishes between direct OT network breaches and indirect impacts through IT networks, emphasizing their potential ripple effects. Volunteers from the ICS/OT industry will assess incidents using an online portal, aiming to issue scores within 12 hours. Each factor is scored independently and then combined into a final impact score. This approach ensures timely, accurate evaluations, helping shift focus toward the business implications of OT incidents rather than technical details alone. The OTI Impact Score aims to improve response efficiency and ensure that resources are aligned with the true severity of an event. By providing a consistent framework, it addresses gaps in understanding and communication about OT cyber risks, ultimately supporting better decision-making for stakeholders across industries.
Verticals
securitytech
Originally published on Dark Reading on 2/25/2026