93% of OT companies have been penetrated once in the past 12 months, in 78% even more than three times
Fortinet®, a leading global provider of comprehensive, integrated and automated cyber security solutions, presents its global study entitled “2022 State of Operational Technology and Cybersecurity Report”.
The report shows: Industrial control environments are still an important target for cybercriminals – 93% of Operational technology (OT) companies have been penetrated within the last twelve months. In addition, the report uncovered widespread gaps in industrial safety and identified opportunities for improvement. The main findings of the report include, among others:
OT activities lack centralized visibility, which increases security risks
The Fortinet report showed that only 13% of respondents have a central overview of all OT activities. In addition, only 52% of companies are able to track all OT activities from the Security Operations Center (SOC). At the same time, 97% of companies worldwide see OT as a moderate or important factor in their overall security risk. The results of the report suggest that the lack of central visibility contributes to the OT security risks and the weakened security profile of companies.
OT security breaches have a significant impact on the productivity and profit of companies
According to the Fortinet report, in the last twelve months, attackers have penetrated at least once in 93% of OT organizations, and even more than three times in 78% of the companies surveyed. As a result of these attacks, almost 50% of the companies lost operations and thus impaired productivity. After 90% of successful attacks, it took the affected people several hours or more to restore operations. In addition, security breaches caused a third of the respondents to lose sales, data loss and negatively affected compliance and brand value.
The responsibility for OT security is not uniform in the companies
According to the Fortinet report, employees at the director or manager level usually cover OT security management. The spectrum ranges from the head of plant operation to the person responsible for manufacturing processes. Only 15% of the survey participants stated that the CISO is responsible for OT security in their company.
OT security is gradually improving, but there are still vulnerabilities in many companies
When asked about the maturity level of their OT security profile, only 21% of companies rated themselves at level 4, the targeted use of orchestration and management. It is noteworthy that a larger proportion of respondents in Latin America (LATAM) and the Asia-Pacific region (APAC) have reached level 4 than in other regions. More than 70% of companies are about halfway to a mature OT security profile. At the same time, the use of several OT security tools poses challenges for companies, which leads to further gaps in their security profile. The report found that the vast majority of companies use between two and eight different vendors for their industrial equipment and have between 100 and 10,000 devices in use, which adds to the complexity.
OT-Security is a matter for the boss
OT systems are increasingly becoming the target of cybercriminals. Against this background, company management is increasingly recognizing the importance of securing these environments and thus minimizing the risks for the company. Industrial systems have become a significant risk factor. In the past, these environments were isolated from IT and corporate networks by air gap – but today they are increasingly integrated with each other. Since industrial systems are now connected to the Internet and accessible from anywhere, the attack surface for companies is significantly increasing.
In the face of increasingly sophisticated IT threats, networked OT systems have also become vulnerable to these growing threats. This combination of factors means that industrial cybersecurity is becoming more of a focus for many companies. OT security is an increasingly important concern for senior executives. The consequence: Companies must strive for comprehensive protection of their industrial control systems (ICS) and their monitoring, control and data acquisition systems (SCADA).
Overcoming the challenges of OT security
Fortinet’s global 2022 State of Operational Technology and Cybersecurity Report shows how companies can eliminate the vulnerabilities of OT systems and improve their overall security profile. Companies can take the following steps to strengthen their OT security:
- Introducing Zero Trust Access to prevent security breaches. More and more industrial systems are connected to a network. Zero Trust Access solutions can therefore ensure that users, devices or applications cannot gain access to critical assets without the correct credentials and permissions. To improve OT security, Zero Trust Access solutions can increase protection against internal and external threats.
- Introduce solutions for a central visibility of all OT activities. A central, consistent visibility of all OT activities is the key to ensuring that companies improve their security profile. 6% of respondents are among the top-tier organizations that reported no intrusion in the past year. According to the Fortinet report, the probability of centralized visibility among these companies is more than three times that of those affected by burglaries.
- Consolidate security tools and vendors to enable full integration. In order to reduce complexity and get a central overview of all devices, companies should bundle their OT and IT technologies with a few providers. The introduction of integrated security solutions helps companies to reduce their attack surface and improve their security profile.
- Introducing Network Access Control (NAC) Technology. Companies that were able to fend off all burglary attempts last year were more likely to have a role-based NAC. This ensures that only authorized persons can access systems that are crucial for securing digital resources..
John Maddison, EVP of Products and CMO at Fortinet
“This year’s global State of OT and Cybersecurity Report shows that while corporate executives have their eyes on OT security, critical vulnerabilities still exist. Programmable logic controllers (PLCs) designed without security, continuous intrusion into systems, a lack of centralized visibility over OT activities and the increasing connectivity of OT environments are some of the most pressing challenges for these organizations. Integrating security directly into the OT network infrastructure, including switches, access points and firewalls, is crucial for segmenting the environment. Combined with a platform that spans OT, converged OT/IT and IT, this provides end-to-end visibility and control.“
About the Fortinet OT and Cybersecurity Survey:
This year’s State of Operational Technology and Cybersecurity Report is based on a survey of more than 500 global OT experts conducted in March 2022. The survey was aimed at people in management positions responsible for OT and OT security, from managers to executives at the management level. Respondents represent a number of industries that make heavy use of OT, including manufacturing, transportation and logistics, and healthcare.