Fortinet, a global leader in broad, integrated, and automated cybersecurity solutions, has released its global 2022 State of Operational Technology and Cybersecurity Report.
Industrial control environments continue to be a target for cybercriminals, with 93 per cent of operational technology (OT) organisations experiencing an intrusion in the past 12 months. The report uncovered widespread gaps in industrial security and indicated opportunities for improvements.
Key findings of the report include:
- OT activities lack centralised visibility, increasing security risks.
- OT security intrusions significantly impact organisations’ productivity and their bottom line.
- Ownership of OT security is not consistent across organisations.
- OT security is gradually improving, but security gaps still exist in many organizations.
OT security: A corporate-level concern
As OT systems increasingly become targets for cybercriminals, C-level leaders recognise the importance of securing these environments to mitigate risks to their organisations. Industrial systems have become a significant risk factor since these environments were traditionally air-gapped from IT and corporate networks, but now these two infrastructures are becoming universally integrated. With industrial systems now being connected to the internet and more accessible from anywhere, organisations’ attack surface is increasing significantly.
With the IT threat landscape becoming more sophisticated, connected OT systems have also become vulnerable to these growing threats. This combination of factors is moving industrial security upward in many organisations’ risk portfolio. OT security is a growing concern for executive leaders, increasing the need for organisations to move toward full protection of their industrial control system (ICS) and supervisory control and data acquisition (SCADA) systems.
Best practices to overcome OT security challenges
Fortinet’s global 2022 State of Operational Technology and Cybersecurity Report indicated ways organisations can address OT systems’ vulnerabilities and strengthen their overall security posture. Organisations can address their OT security challenges by:
- Establish Zero Trust Access to prevent breaches.
- Implementing solutions that provide centralized visibility of OT activities.
- Consolidating security tools and vendors to integrate across environments.
- Deploying network access control (NAC) technology.
Enter, Fortinet Security Fabric
According to Fortinet, for more than a decade its systems have protected OT environments in critical infrastructure sectors such as energy, defense, manufacturing, food, and transportation.
By designing security into complex infrastructure via the Fortinet Security Fabric, organisations have an efficient, non-disruptive way to ensure that their OT environment is protected and compliant. With full integration and shared threat intelligence, industrial organisations gain fast, automated responses to attacks in any vector.
Fortinet’s Security Fabric covers the entire converged IT-OT network to close OT security gaps, deliver full visibility and provide simplified management.
This year’s State of Operational Technology and Cybersecurity Report is based on a survey of more than 500 global OT professionals conducted in March 2022.
The survey targeted professionals holding leadership positions responsible for OT and OT security, from managers to C-level executives. Respondents represent a range of industries that are heavy users of OT, including manufacturing, transportation and logistics, and healthcare.
“This year’s global State of OT and Cybersecurity Report demonstrates that while OT security has the attention of organisational leaders, critical security gaps remain. PLCs designed without security, continued intrusions, a lack of centralized visibility across OT activities, and growing connectivity to OT are some of the critical challenges these organisations need to address. Security converged into the OT networking infrastructure, including switches and access points and firewalls, is essential to segment the environment. This combined with a platform that spans OT, converged OT/IT and IT provides end-to-end visibility and control,” said John Maddison, EVP of Products and CMO at Fortinet.