/dqc/media/agency_attachments/3bO5lX4bneNNijz3HbB7.jpg)
Follow Us/dqc/media/media_files/BAE0LSryVz7clGq20OlB.png)
Fortinet 2024 State of Operational Technology and Cybersecurity Report
Fortinet, a global cybersecurity provider, has announced the findings from its global 2024 State of Operational Technology and Cybersecurity Report. The report details the current state of operational technology (OT) security and identifies areas for improvement as organizations face an expanding IT/OT threat landscape. In addition to trends and insights affecting OT organizations, the report offers best practices to help IT and OT security teams secure their environments more effectively.
Progress and Areas for Improvement.
The report indicates that organizations have made progress in advancing their OT security posture over the past 12 months. However, there are still critical areas for improvement as IT and OT network environments continue to converge.
Key Findings
1. Rise in Cyberattacks: Cyberattacks compromising OT systems are increasing. In 2023, 49% of respondents experienced an intrusion impacting OT or both IT and OT systems. This year, nearly 73% of global organizations and 65% of Indian organizations reported being impacted. There was also an increase in intrusions affecting only OT systems, rising from 17% to 25%. Nearly half (47%) of respondents measure success based on the recovery time to resume normal operations.
2. High Number of Intrusions: More than half (55%) of respondents reported more than six intrusions in the past 12 months, compared to 11% last year. All intrusion types increased, except for a decline in malware. Phishing and compromised business email intrusions were most common, with mobile security breaches and web compromises as prevalent techniques.
3. Detection Methods Lagging: As threats become more sophisticated, many organizations still have blind spots. Only 15% of respondents claimed complete visibility of OT systems within their central security operations, though those reporting 75% visibility increased. More than 70% of respondents experienced ransomware or wiper intrusions, almost double the attacks reported in 2023, indicating the need for better network visibility and detection capabilities.
4. Elevation of OT Cybersecurity Responsibility: Responsibility for OT cybersecurity is increasingly being aligned with executive leadership. The percentage of organizations aligning OT security with the CISO has doubled to 33%. There is also a trend towards shifting OT responsibility to other C-suite roles, including CIO, CTO, and COO, with expectations to reach 60% in the next 12 months. In some organizations, responsibility is shifting from the Director of Network Engineering to the Vice President of Operations, suggesting that OT security is becoming a higher-profile topic at the board level.
Best Practices -
The report provides actionable steps for enhancing security posture:
1. Deploy Segmentation: Create network zones or segments to reduce intrusions and manage solutions with centralized management capabilities.
2. Establish Visibility and Compensating Controls: Ensure visibility of everything on the OT network and protect vulnerable devices with compensating controls, such as protocol-aware network policies and endpoint monitoring.
3. Integrate OT into Security Operations: Develop playbooks incorporating the OT environment and consider OT in SecOps and incident response plans.
4. Embrace OT-Specific Threat Intelligence: Use OT-specific threat intelligence and security services for timely awareness and precise analytical insights about risks.
5. Consider a Platform Approach: Consolidate security solutions and simplify the architecture with a platform-based approach to protect both IT networks and OT environments, enhancing efficiency and security efficacy.
“The critical nature of OT and ICS systems in infrastructure, healthcare, and manufacturing elevates their risk. This year’s OT report highlights positive signs of OT security maturing, from establishing visibility and segmentation at the basic level to leveraging orchestration and automation capabilities at the highest level. To further advance in maturity and readiness, organizations need to leverage segmentation to create defensible OT architecture, establish visibility and protective controls for OT assets, and integrate OT into security operations and incident response planning to ensure comprehensive protection and collaboration across IT, OT, and production teams,” said Vishak Raman, VP of Sales, India, SAARC, SEA & ANZ at Fortinet.