Fortinet recently released the 2022 State of Operational Technology and Cybersecurity Report. Based on a detailed survey conducted in March 2022 of more than 500 global operational technology (OT) professionals, the report’s data highlights the current state of OT security and provides a roadmap to better secure OT organizations.
The need to improve OT security is underscored in the report, which found: 93% of OT organizations experienced an intrusion in the past year, and 78% of them experienced more than three intrusions.
Traditionally, security was not as critical a consideration when programmable logic controllers (PLCs)—the brains of any industrial control system (ICS) or OT network—were designed. PLCs never verified the authenticity of message senders, and controller communications had zero encryption capability. Previously, there was no need for these security measures because an organization’s OT network was always air-gapped from their IT network.
Now, however, the situation is quite different. OT and IT networks have converged, and industrial processes have been digitized. The benefits from the integration of these two types of networks are great. They include enhancements in productivity, efficiency, responsiveness, and profitability. Unfortunately, this new connectivity has also brought the negative unintended consequence of making OT networks vulnerable to cyberattacks. IT/OT interconnectedness has allowed threat actors to attack the cyber-physical systems of no-longer air-gapped OT environments, resulting in many serious incidents.
After diving into the report’s data, we can mine these key information nuggets:
Besides providing the latest statistics on the state of OT cybersecurity, the 2022 State of Operational Technology and Cybersecurity Report offers insights on how best to handle OT vulnerabilities and how best to strengthen an organization’s overall security posture. Some of the key best practices for OT organizations are:
The 2022 report shows that there are widespread gaps in industrial systems’ security, and there are numerous areas begging for improvement. Since cybersecurity must now fully span both the IT and OT network environments to be effective, we believe that a mesh platform approach like the Fortinet Security Fabric is essential for keeping industrial organizations secure. With the centralized visibility that a mesh platform offers, OT vulnerabilities and risks can be plugged and today’s most sophisticated threats can be repelled.
Survey respondents were individuals holding leadership positions responsible for OT and OT security—from managers to C-level executives. These respondents represented a range of heavy OT-user industries, including manufacturing, transportation and logistics, and healthcare. It is based on a survey of more than 500 global OT professionals conducted in March 2022.
Read the report to learn more about what others are doing to better protect their OT networks and what you can do about yours.