Improving OT cybersecurity remains a work in progress

Organizations have made progress in the past 12 months related to advancing their OT security posture, but there are still critical areas for improvement as IT and OT network environments continue to converge, according to Fortinet.

OT security improvement areas

Cyberattacks that compromise OT systems are on the rise

In 2023, 49% of respondents experienced an intrusion that impacted either OT systems only or both IT and OT systems. But this year, 73% of organizations are being impacted. The survey data also shows a year-over-year increase in intrusions that only impacted OT systems (from 17% to 24%). Given the rise in attacks, 46% of respondents indicate that they measure success based on the recovery time needed to resume normal operations.

31% of respondents reported more than six intrusions, compared to only 11% last year. All intrusion types increased compared to the previous year, except for a decline in malware. Phishing and compromised business email intrusions were the most common, while the most common techniques used were mobile security breaches and web compromise.

As threats grow more sophisticated, the report suggests that most organizations still have blind spots in their environment. The share of respondents claiming that their organization has complete visibility of OT systems within their central security operations decreased since last year, dropping from 10% to 5%.

However, those reporting 75% visibility increased, which suggests that organizations are gaining a more realistic understanding of their security posture. Yet 56% of respondents experienced ransomware or wiper intrusions—an increase from only 32% in 2023—indicating that there is still room for improvement regarding network visibility and detection capabilities.

OT security still has critical areas for improvement

The percentage of organizations that are aligning OT security with the CISO continues to grow, increasing from 17% in 2023 to 27% this year. At the same time, there is a growing move to shift OT responsibility to other C-suite roles, including the CIO, CTO and COO, to upwards of 60% in the next 12 months, clearly showing concern for OT security and risk in 2024 and beyond.

Findings also indicate that in some organizations where the CIO is not outright responsible, there is an upward shift of these responsibilities from the Director of Network Engineering to the Vice President of Operations role, which illustrates another escalation of responsibility. This elevation into the executive ranks and below, regardless of the title of the individual overseeing OT security, may suggest that OT security is becoming a higher-profile topic at the board level.

To address rapidly evolving OT threats and an expanding attack surface, many organizations have assembled a broad array of security solutions from different vendors. This has yielded an overly complex security architecture that inhibits visibility while placing an increased burden on limited security team resources.

“Fortinet’s 2024 State of Operational Technology and Cybersecurity Report shows that while OT organizations are making progress in strengthening their security posture, teams still face significant challenges in securing converged IT/OT environments. Adopting essential tools and capabilities to enhance visibility and protections across the entire network will be vital for these organizations when it comes to reducing the mean time to detection and response and ultimately reducing the overall risk of these environments,” said John Maddison, CMO at Fortinet.
