Nearly one-third (31%) of OT organizations reported more than six intrusions in the last year, up from 11% the year before
John Maddison, Chief Marketing Officer at Fortinet, discusses the findings from Fortinet’s 2024 State of Operational Technology and Cybersecurity Report. The report reveals that while OT organizations are improving their security posture, they still face significant challenges in securing converged IT/OT environments. Maddison emphasizes the importance of adopting essential tools and capabilities to enhance visibility and protection across the entire network. This approach is crucial for reducing mean time to detection and response, thereby lowering the overall risk in these environments.
Alan Reyes, Country Manager at Fortinet Philippines, highlights the escalating sophistication of cyberattacks targeting OT systems. He stresses that as IT and OT environments integrate, Philippine organizations must strengthen their security postures to effectively counter these threats. Reyes recommends a platform approach tailored for protecting both IT networks and OT environments. Such an approach simplifies security architecture and consolidates security tools to address evolving OT threats effectively.
Fortinet’s 2024 State of Operational Technology and Cybersecurity Report underscores the ongoing progress and areas for improvement in OT security. It provides insights into securing the expanding IT/OT threat landscape and offers best practices for enhancing security in these converged environments.
Key findings from the global survey include:
Best Practices
Fortinet’s global 2024 State of Operational Technology and Cybersecurity Report provides actionable steps for organizations to enhance their security posture. To address OT security challenges effectively, organizations can implement the following best practices:
- Deploy segmentation. Reducing intrusions requires a hardened OT environment with strong network policy controls at all points of access. This kind of defensible OT architecture starts with creating network zones or segments. Teams should also evaluate the overall complexity of managing a solution and consider the benefits of an integrated or platform-based approach with centralized management capabilities.
- Establish visibility and compensating controls for OT assets. Organizations must be able to see and understand everything that’s on the OT network. Once visibility is established, organizations must protect any devices that appear to be vulnerable, which requires protective compensating controls that are purpose-built for sensitive OT devices. Capabilities such as protocol-aware network policies, system-to-system interaction analysis, and endpoint monitoring can detect and prevent the compromise of vulnerable assets.
- Integrate OT into security operations and incident response planning. Organizations should be maturing towards IT-OT SecOps. To achieve this, teams must specifically consider OT with regard to SecOps and incident response plans. One step teams can take to move in this direction is to create playbooks that incorporate the organization’s OT environment.
- Embrace OT-specific threat intelligence and security services. OT security depends on timely awareness and precise analytical insights about imminent risks. Organizations should make sure their threat intelligence and content sources include robust, OT-specific information in their feeds and services.
- Consider a platform approach to your overall security architecture. To address rapidly evolving OT threats and an expanding attack surface, many organizations use a broad array of security solutions from different vendors, resulting in an overly complex security architecture. A platform-based approach to security can help organizations consolidate vendors and simplify their architecture. A robust security platform that is purpose-built to protect both IT networks and OT environments can provide solution integration for improved security efficacy while enabling centralized management to enhance efficiency.
Report Overview
- The Fortinet 2024 State of Operational Technology and Cybersecurity Report is based on data from a global survey of more than 550 OT professionals, conducted by a third-party research company.
- Survey respondents were from different locations around the world, including Australia, New Zealand, Argentina, Brazil, Canada, Mainland China, France, Germany, Hong Kong, India, Japan, Mexico, Norway, South Africa, South Korea, Spain, Taiwan, Thailand, United Kingdom, and the United States, among others.
- Respondents represent a range of industries that are heavy users of OT, including: manufacturing, transportation/logistics, healthcare/pharma, oil, gas, and refining, energy/utilities, chemical/petrochemical, and water/wastewater.
- Most of those surveyed, regardless of title, are deeply involved in cybersecurity purchasing decisions. Many respondents are responsible for operations technology at their organization and/or have reporting responsibility for manufacturing or plant operations.
Additional Resources
- Read the full report to learn more about the state of OT security in 2024.
- Learn about how the Fortinet Security Fabric platform brings end-to-end security to organizations of all sizes to prevent ransomware across all points of entry.
- Learn more about Fortinet’s commitment to product security and integrity, including this recent blog post on its longstanding commitment to responsible product development and vulnerability disclosure approach and policies.
- Learn about Fortinet’s free cybersecurity training programs, which include broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
- Learn more about Fortinet’s FortiGuard Security Services portfolio.
Follow Fortinet on X, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.