Industrial control environments continue to be a target for cyber criminals, with 93% of Operational Technology (OT) organizations experiencing a breach in the past 12 months, yet “widespread gaps” remain in industrial security, Fortinet’s newly released 2022 State of Operational Technology and Cybersecurity report said.
Here’s what the report found:
A lack of centralized visibility contributes to organizations’ OT security risks and weakened security posture.
- 13% of respondents have achieved centralized visibility of all OT activities.
- 52% of organizations are able to track all OT activities from the security operations center (SOC).
- 97% of global organizations consider OT a moderate or significant factor in their overall security risk.
OT security intrusions significantly impact organizations’ productivity and their bottom line.
- 93% of OT organizations experienced at least one intrusion in the past 12 months and 78% had more than three intrusions.
- Nearly 50% of organizations suffered an operation outage that affected productivity, with 90% of intrusions requiring hours or longer to restore service.
- One-third of respondents saw revenue, data loss, compliance and brand value impacted as a result of security intrusions.
Ownership of OT security is not consistent across organizations.
- OT security management ranges from the Director of Plant Operations to Manager of Manufacturing Operations.
- 15% of survey respondents say that the CISO holds the responsibility for OT security at their organization.
OT security is gradually improving, but security gaps still exist in many organizations.
- 21% of organizations have reached level 4, which includes leveraging orchestration and management.
- More than 70% of organizations are in the middle levels toward having a mature OT security posture.
- A vast majority of organizations use between two and eight different vendors for their industrial devices and have between 100 and 10,000 devices in operation.
OT Security is a Corporate-Level Concern.
- As OT systems increasingly become targets for cyber criminals, C-level leaders recognize the importance of securing these environments to mitigate risks to their organizations.
- With industrial systems now being connected to the internet and more accessible from anywhere, organizations’ attack surface is increasing significantly.
Operational Technology (OT): Four Cybersecurity Best Practices
Fortinet recommends the following four OT best practices:
- Establish Zero Trust Access to ensure that any user, device or application without proper credentials and permissions is denied access to critical assets.
- Implement centralized visibility of OT activities. Top-tier organizations – which make up the 6% of respondents that reported no intrusions in the past year – were more than three times as likely to have achieved centralized visibility as their counterparts who suffered intrusions.
- Consolidate security tools and vendors to integrate across environments, reduce attack surfaces and improve security posture.
- Deploy network access control (NAC) technology to ensure that only authorized individuals can access specific systems critical for securing digital assets.