New Report on the State of Operational Technology and Cybersecurity

By Rick Peters | June 11, 2021

Inside Operational Technology (OT) organizations, there is a general trend of Industrial Control cybersecurity responsibility shifting away from VP or director of network engineering to CISOs and CIOs, according to the Fortinet 2021 State of Operational Technology and Cybersecurity Report. Today, CISOs face an increase in potential security risks with the increased digital connectivity of IT and OT network infrastructure. Absent implementation of OT cybersecurity best practices, critical ICS and SCADA systems can be vulnerable to cyberattacks that could result in significant financial losses and possibly compromise the safety of citizens and national security. 

For the report, Fortinet conducted a survey of organizations in critical industries with greater than 2,500 employees. We surveyed plant and manufacturing operations leaders in:

OT and Cybersecuirty Report

The report reveals  that security risks continue to be high in companies that are charged with protecting OT environments, holding steady from 2020. Nine out of 10 organizations experienced at least one intrusion in the past year, which is almost identical to the results of last year’s survey. Even though the pandemic drove rapid innovation to accommodate a pivot to remote work, a 90% rate of intrusion represents a significant problem that should concern CISOs and other OT leaders.

CISOs also should take particular notice of the significant growth in phishing attacks. A startling 58% reported this type of intrusion, up from 43% last year. The increase in phishing stems from attackers exploiting weaknesses related to the rapid changes to accommodate execution of remote work that occurred at the beginning of 2020. Insider breaches are also on the rise at 42%, which is up from 18% last year. CISOs should consider increasing employee awareness and training and boosting their data protection strategies or solutions.

Operational Technology Key Takeaways

Although not exactly cheerful news, the results are not as bad as they could be considering the fact that organizations were confronting a global pandemic and all the rapid innovation that entailed managing greater risk in networking and security. Not surprisingly, some organizations performed better due to exhibiting unique OT security business attributes. Choosing to repeat a valuable prior analysis, we compared the survey responses from two subsets—our “top-tier” and “bottom-tier” respondents. This analysis identified a number of best practices that top-tier OT leaders were more likely to employ. When compared with bottom-tier organizations, top-tier organizations demonstrated the following:

  • Are more likely to use orchestration and automation and have security tracking and reporting in place.
  • Are more likely to have 100% centralized visibility in their security operations center.
  • Were more prepared, earlier, to accommodate work from home driven by the pandemic.

If nothing else, the past year has reflected how important it is for organizations to continue proportional investment in security. Since OT networks are rarely air gapped completely from IT networks and connections to the internet, OT systems are arguably more vulnerable. They face increasing risks from IT-born and internet-born attacks. When we consider rapid pandemic driven innovation and the increase in insider threats, we can conclude that OT organizations will need to continue to work to establish zero-trust access for remote users and focus on security awareness and training throughout the organization.

Subscribe to Fortinet's YouTube channel for the latest video content from Fortinet, FortiGuard Labs, and our Training Advancement Agenda (TAA), including customer stories, product demos, interviews on the latest cybersecurity trends, and more.