Business & Technology
Operational technology (OT) refers to the hardware and software used to run industrial control systems (ICS), such as SCADA, that serve as the foundation of various areas of critical infrastructure. This includes industries that are essential to public safety and well-being, including power plants, manufacturing, water utilities, healthcare, transit, and more. OT differs from traditional IT systems due to the processes and systems that must be incorporated to effectively manage production and resource development systems, including engines, valves, sensors, and even robotics, that are common to critical infrastructure environments but may be absent from traditional IT stacks.
While IT and OT have been managed separately since their inception, there has been a growing movement toward the convergence of these two systems over the past 12 – 18 months. Incorporating IT capabilities such as big data analytics and machine learning into OT systems, along with faster connectivity solutions in order to respond to security and safety events more quickly, has allowed these industries to improve productivity and efficiency, offering a competitive edge to those who combine the systems effectively.
However, it’s important for OT teams to consider how this convergence affects the cybersecurity posture of critical infrastructure, especially given the impact that downtime caused by a cyberattack can have on the economy, health, and productivity of the nation. And worse, the potential safety risks to workers and even local communities should a critical system be compromised.
To determine where critical industries may be at risk due to IT and OT convergence, Fortinet has compiled the State of Operational Technology and Cybersecurity Report.
To understand the types of threats facing operational technology and how OT teams can mitigate these threats, Fortinet conducted a survey of organizations in critical industries with greater than 2,500 employees. Specifically, we examined plant and manufacturing operations leaders in:
Their answers revealed where OT is most vulnerable, the types of cyberattacks they regularly face, what their current security tactics are, and where improvement to cybersecurity protocols must be made.
The report revealed that cybersecurity must become a greater focus where operational technology is concerned, as 74% of OT organizations experienced a data breach in the last 12 months. The breaches negatively impacted organizations in a myriad of ways, including a reduction in safety, productivity and revenue, the compromise of business-critical data, and damaged brand reputation. Considering these, it’s clear that OT organizations that do not prioritize cybersecurity as part of their IT and OT convergence strategy risk losing all of the benefits of this strategy when they encounter an attack.
The most common types of cyberattacks affecting operational technology are malware, phishing, spyware, and mobile security breaches. The survey results show that these attacks persist as a result of four key reasons:
With these attack vectors and security challenges in mind, there are several steps operations leaders can take to improve the security posture at their organizations and minimize the risks associated with downtime in the wake of an attack.
First, 62% of organizations stated intentions to dramatically increase their cybersecurity budgets this year. Additionally, organizations are also adjusting their cybersecurity strategies, with 70% stating their intention to make the CISO responsible for OT cybersecurity in the next year—currently, just 9% of CISOs overseeing OT security.
In addition to these two changes already underway, organizations can implement several security tactics that have demonstrated success in critical infrastructure industries. As part of this study, Fortinet examined the differences in cybersecurity controls in place between those organizations that experienced zero intrusions over the last 12 months, and similarly-sized organizations with six or more intrusions. There were several tactics and tools that stood out among those top-tier organizations that those in the bottom-tier lacked, including:
As OT and IT systems continue to converge, implementing these essential tactics can help operations leaders and CISOs gain visibility across their OT environments while reducing complexity in their network to reduce cyber risk.
Security threats to Operational Technology networks, especially in critical infrastructures such as transportation, health, and energy, can have major consequences for ensuring the success of these organizations, as well as for the daily lives of the people those industries support. To help minimize this risk, this latest report from Fortinet provides a critical examination of key areas of vulnerability in order to help OT teams identify more effective ways to improve cybersecurity efforts in the industries they support.
To learn more about these efforts, read the State of Operational Technology and Cybersecurity Report.
Find out more about the unique challenges that Operational Technology (OT) environments present and how Fortinet secures critical infrastructure.