When organizations are seeking out the right cybersecurity controls for their OT environments and devices, the clear objective is to decrease and eliminate risks. Too often organizations only adopt the minimal level of security. While each organization defines its security risk levels, it is often based on their production environments, industrial devices and the critical risk factor of their facility production.