Fortinet compiled the State of Operational Technology and Cybersecurity report to flag critical areas for Operational Technology teams
Fortinet's report comes against the backdrop of a growing movement over the past 12-18 months toward the convergence of IT and OT, breaking with the practice of managing the two separately since their inception. Incorporating IT capabilities such as big data analytics and machine learning into OT systems, along with faster connectivity solutions in order to respond to security and safety events more quickly, has allowed these industries to improve productivity and efficiency, offering a competitive edge to those who combine the systems effectively.
However, it’s important for OT teams to consider how this convergence affects the cybersecurity posture of critical infrastructure, especially given the impact that downtime caused by a cyberattack can have on the economy, health, and productivity of the nation. Worse still are the potential safety risks to workers and even local communities should a critical system be compromised.
To determine where critical industries may be at risk due to IT and OT convergence, Fortinet has compiled the State of Operational Technology and Cybersecurity Report.
To understand the types of threats facing OT and how OT teams can mitigate these threats, Fortinet conducted a survey of organisations in critical industries with more than 2,500 employees. Specifically, it examined plant and manufacturing operations leaders in the sectors of manufacturing, energy and utilities, healthcare, and transportation.
Their answers revealed where OT is most vulnerable, the types of cyberattacks they regularly face, what their current security tactics are, and where improvement to cybersecurity protocols must be made.
Cybersecurity risks for Operational Technology
The report revealed that cybersecurity must become a greater focus where operational technology is concerned, as 74 per cent of OT organisations experienced a data breach in the last 12 months. The breaches negatively impacted organisations in a myriad of ways, including a reduction in safety, productivity, and revenue, the compromise of business-critical data, and damaged brand reputation. Considering these, it's clear that OT organisations that do not prioritise cybersecurity as part of their IT and OT convergence strategy risk losing all of the benefits of this strategy when they encounter an attack.
The most common types of cyberattacks affecting operational technology are malware, phishing, spyware, and mobile security breaches.
Improving security for Operational Technology
With these attack vectors and security challenges in mind, there are several steps operations leaders can take to improve the security posture at their organisations and minimise the risks associated with downtime in the wake of an attack.
62 per cent of organisations stated intentions to dramatically increase their cybersecurity budgets this year. Organisations are also adjusting their cybersecurity strategies, with 70 per cent stating their intention to make the CISO responsible for OT cybersecurity in the next year – currently, just 9 per cent of CISOs oversee OT security.
In addition to these two changes already underway, organisations can implement several security tactics that have demonstrated success in critical infrastructure industries. As part of this study, Fortinet examined the differences in cybersecurity controls in place between those organisations that experienced zero intrusions over the last 12 months, and similarly-sized organisations with six or more intrusions.
As OT and IT systems continue to converge, implementing these essential tactics can help operations leaders and CISOs gain visibility across their OT environments while reducing complexity in their network to reduce cyber risk.
According to Fortinet, security threats to Operational Technology networks, especially in critical infrastructures such as transportation, health, and energy, can have major consequences for the success of these organisations, as well as for the daily lives of the people those industries support.
“Cybersecurity challenges continue to grow, and financial institutions – especially those in the midst of digital transformation efforts – are being highly targeted by cybercriminals. Commercial banks, credit unions, stock brokerage firms, asset management firms, and insurance companies that support digital transactions through mobile apps are being increasingly targeted and exploited by malicious criminals. At the same time, they are suffering the same challenges of other organisations, including figuring out how to inspect and secure the growing volume of encrypted traffic, battling the persistence of botnets, and addressing new malware trends such as cryptojacking,” said Anthony Giandomenico, senior security strategist and researcher, FortiGuard Labs, Fortinet. “To successfully address today’s challenges, the security teams of financial services organisations need to rethink their strategy, from automating their security hygiene measures to replacing isolated security devices with an integrated security fabric architecture that can seamlessly span the growing attack surface.”