Bangalore: 93% of OT (operational technology) organisations experienced an intrusion in the past 12 months, and 78% experienced more than three revealed in the 2022 Fortinet global State of OT and Cybersecurity report. The stats in the report indicate why OT security remains a corporate-level concern for organisations.
“While OT security has the attention of organisational leaders, critical security gaps remain. PLCs designed without security, continued intrusions, a lack of centralised visibility across OT activities, and growing connectivity to OT are some of the critical challenges these organisations need to address,” said Vishak Raman, VP – Sales, India, SAARC and Southeast Asia, Fortinet
“Security converged into the OT networking infrastructure, including switches and access points and firewalls, is essential to segment the environment. This combined with a platform that spans OT, converged OT/IT and IT provides end-to-end visibility and control,” added Raman.
Fortinet released its global 2022 State of Operational Technology and Cybersecurity Report. It revealed that while industrial control environments continue to be a target for cybercriminals – with 93% of Operational Technology organisations experiencing an intrusion in the past 12 months – the report uncovered widespread gaps in industrial security and indicated opportunities for improvements.
Key findings of the report include:
- OT activities lack centralized visibility, increasing security risks. The Fortinet report found that only 13% of respondents have achieved centralised visibility of all OT activities. Additionally, only 52% of organisations are able to track all OT activities from the security operations centre (SOC).
At the same time, 97% of global organisations consider OT a moderate or significant factor in their overall security risk. The report findings indicate that the lack of centralised visibility contributes to organisations’ operational technology security risks and weakened security posture.
- Operational technology security intrusions significantly impact organisations’ productivity and their bottom line. The Fortinet report found that 93% of OT organisations experienced at least one intrusion in the past 12 months and 78% had more than three intrusions.
As a result of these intrusions, nearly 50% of organisations suffered an operation outage that affected productivity with 90% of intrusions requiring hours or longer to restore service. Additionally, one-third of respondents saw revenue, data loss, compliance and brand value impacted as a result of security intrusions.
- Ownership of OT security is not consistent across organisations. According to the Fortinet report, OT security management falls within a range of primarily director or manager roles, ranging from the Director of Plant Operations to the Manager of Manufacturing Operations. Only 15% of survey respondents say that the CISO holds the responsibility for operational technology security at their organisation.’
- OT security is gradually improving, but security gaps still exist in many organisations. When asked about the maturity of their organization’s OT security posture, only 21% of organisations have reached level 4, which includes leveraging orchestration and management.
Notably, a larger proportion of Latin America and APAC respondents have reached level 4 compared to other regions. Over 70% of organisations are in the middle levels toward having a mature OT security posture.
At the same time, organisations face challenges with using multiple OT security tools, further creating gaps in their security posture. The report found that a vast majority of organisations use between two and eight
different vendors for their industrial devices and have between 100 and 10,000 devices in operation, adding complexity.
Why OT Security remains a Corporate-Level Concern
As OT systems increasingly become targets for cybercriminals, C-level leaders recognize the importance of securing these environments to mitigate risks to their organisations.
Industrial systems have become a significant risk factor since these environments were traditionally air-gapped from IT and corporate networks, but now these two infrastructures are becoming universally integrated. With industrial systems now being connected to the internet and more accessible from anywhere, organisations’ attack surface is increasing significantly.
With the IT threat landscape becoming more sophisticated, connected OT systems have also become vulnerable to these growing threats. This combination of factors is moving industrial security upward in many organizations’ risk portfolios.
OT security is a growing concern for executive leaders, increasing the need for organizations to move toward full protection of their industrial control system (ICS) and supervisory control and data acquisition (SCADA) systems.