Fortinet Introduces New Specialized Cybersecurity Products and Professional Services for Operational Technology Environments
New and enhanced OT security offerings extend the capabilities of the Fortinet Security Fabric, reinforcing Fortinet’s commitment to reducing cybersecurity risk for cyber-physical and industrial control systems
Operational Technology Security Summit 2023
John Maddison, EVP of Products and CMO at Fortinet
“Operational technology environments are more connected to the cloud and their supply chains than ever before, which has created a huge opportunity for cyber attackers. Traditional information security products are not well suited for cyber-physical security. The Fortinet Security Fabric for OT is specifically designed for operational technology, and we’re pleased to introduce additional cyber-physical security capabilities to protect these environments.”
Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced new and enhanced products and services for operational technology (OT) environments as an expansion of the Fortinet Security Fabric for OT. Fortinet enables organizations to build a platform of integrated solutions to effectively mitigate cyber risk across OT and IT environments.
The State of OT Security
As more industrial environments increase connectivity with external and internal applications, devices, and corporate IT networks, the attack surface grows exponentially, exposing critical OT assets to increasingly advanced and destructive threats. The 2022 Fortinet State of Operational Technology and Cybersecurity Report found that 93% of organizations had one or more security intrusions in the past year, with 61% of intrusions affecting OT systems. Security breaches have the potential to disrupt critical infrastructure, resources, and services that support everything from local communities to entire nations. Organizations must prioritize securing their OT environments by integrating tools and practices to help alleviate security risks that may arise from lack of visibility and real-time response.
Securing OT Environments with the Fortinet Security Fabric for OT
Highlighting its commitment to OT security, Fortinet has released new and enhanced products and services to help organizations better protect their OT environments. Fortinet’s OT solutions are natively integrated across the Fortinet Security Fabric to seamlessly enable IT/OT convergence and connectivity. This helps improve visibility and real-time response across the entire attack surface and empowers security operations center (SOC) teams to become more efficient and effective in their time to respond across factories, plants, remote locations, and vehicles.
New specialized products include:
- FortiGate 70F Rugged Next-Generation Firewall (NGFW) is the latest addition to Fortinet’s rugged portfolio designed for harsh environments and features a new compact design with converged networking and security capabilities on a single processor. The 70F has FortiGuard AI-powered enterprise-grade security services and delivers complete coverage for content, web and device security with dedicated OT and IoT services that are natively integrated with SD-WAN, universal zero trust network access (ZTNA), and LAN edge controllers. 5G support is also available through an integration with FortiExtender.
- FortiDeceptor, Fortinet’s deception technology for early breach detection and attack isolation, is now available as an industrially hardened rugged appliance – the FortiDeceptor Rugged 100G – for harsh industrial environments. FortiDeceptor (both appliance and VM) also provides new OT/IoT/IT decoys to support diverse environments. To combat emerging threats and vulnerabilities, FortiDeceptor also now enables on-demand creation of deception decoys based on newly discovered vulnerabilities, or suspicious activity, providing automated, dynamic protection across OT/IoT/IT environments.
- FortiPAM Privileged Access Management for Secure Remote Access offers enterprise-grade privileged access management for both IT and OT ecosystems. It includes secure remote access to critical assets regulated and monitored through workflow-based access approvals and session video recording. FortiPAM also supports secure file exchange and a password vault to manage all credentials and keep them secret. It supports integration with FortiClient, FortiAuthenticator, and FortiToken to enable ZTNA, single sign-on, and multi-factor authentication.
New enhancements providing SOC teams with faster time to response in OT and IT environments include:
- FortiSIEM unified security analytics dashboards now include event correlation and mapping of security events to the Purdue Model. It also includes built-in parsers for OT security solutions, a MITRE ATT&CK for ICS (industrial control system) dashboard for OT-specific threat analysis, and support for data-diode technologies.
- FortiSOAR now offers features to reduce alert fatigue and enable security automation and orchestration across IT and OT environments. Features include IT/OT dashboards mapped to the Purdue Model hierarchy, OT-specific playbooks for threat remediation, MITRE ATT&CK for ICS for threat analysis, and enhanced integration and connectors for OT threat intelligence.
- FortiGuard Industrial Security Service now includes more than 2,000 application control signatures for OT applications and protocols that support deep packet inspection. The service also includes intrusion prevention signatures for over 500 known ICS vulnerabilities, so vulnerable assets can be virtually patched using FortiGate’s next-generation intrusion prevention system.
New OT specialized assessments and readiness services to stay ahead of threats include:
- Fortinet Cyber Threat Assessment Program (CTAP) for OT validates OT network security effectiveness, application flows, and includes expert guidance, enabling organizations to improve the security posture of their OT environments.
- OT Tabletop Exercises for OT Security Teams are led by FortiGuard Incident Response team facilitators with expertise in threat analysis, mitigation, and incident response. The exercises help OT security teams identify security gaps through a series of real-world OT attack scenarios to test an organization’s incident response plan.
An Integrated Approach to OT Security
Today’s announcement builds on Fortinet’s long-time support for OT customers with solutions specifically designed for cyber-physical security as part of the Fortinet Security Fabric for OT. This includes more than 500 technology integrations with over 300 Fabric-Ready Technology Alliance partners, FortiGuard Labs threat intelligence, and enhanced security operations management as organizations expand their IT/OT network operations center (NOC) and SOC capabilities.
Join Fortinet at the Operational Technology Security Summit
Explore the convergence of cybersecurity across IT and OT networks from the production facility to the board room at the Operational Technology Security Summit, a virtual event happening on March 1, 2023 from 8:30am – 11:30am PT. Register now to learn how to reduce operational risk and increase network and cybersecurity resiliency.
- Learn more about the Fortinet Security Fabric for OT.
- Watch the video to learn more about how Fortinet delivers cybersecurity for industrial controls and operational technology environments.
- Read more about how Fortinet OT customers are securing their organizations.
- Learn more about securing critical infrastructures with Fortinet.
- Watch this video to learn more about the Fortinet Security Fabric for OT environments.
- Learn more about the Fortinet Open Ecosystem and Fabric-Ready Technology Alliance Partner Program.
- Learn more about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
- Follow Fortinet on Twitter, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.
Copyright © 2023 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiConnect, FortiController, FortiConverter, FortiCWP, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiEdge, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFone, FortiGSLB, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMoM, FortiMonitor, FortiNAC, FortiNDR, FortiPenTest, FortiPhish, FortiPlanner, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiSDNConnector, FortiSIEM, FortiSMS, FortiSOAR, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM and FortiXDR. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.