Fortinet: Cybercriminals Heavily Targeting OT Organizations

There are lots of opportunities for partners to help OT organizations shore up their cybersecurity.

Edward Gately, Senior News Editor

May 25, 2023


Operational technology (OT) organizations continue to be targeted by cybercriminals at a high rate, according to a Fortinet report.

The Fortinet 2023 State of OT and Cybersecurity Report is based on data from a global survey of 570 OT professionals conducted by a third-party research company. The results represent the current state of OT security and point to the opportunity for continued improvement for organizations to secure an ever-expanding IT/OT threat landscape.

All respondents worked in one of the following industries: manufacturing; transportation/logistics; health care/pharma; energy/utilities; chemical/petrochemical; or water/wastewater.

High Number of OT Organizations Reported Intrusions This Past Year

Willi Nelson, field CISO for OT at Fortinet, said the number of organizations that didn’t incur a cybersecurity intrusion improved significantly year-over-year.

“This year, 25% of respondents reported they didn’t experience an intrusion compared to 6% in the 2022 report,” he said. “The overall decline based on respondent feedback can be attributed to fewer insider breaches, though not necessarily fewer cybercriminal attacks. This speaks to a focus across the industry for improved cybersecurity awareness training and practices within these organizations. That said, there’s obviously still a lot of room to grow considering that 75% of organizations did experience an intrusion this past year.”

About a third of respondents said they were victims of a ransomware attack, the same as last year, Nelson said.

Organizations’ Security Posture Overestimated

Other findings from the Fortinet report include:

  • Cybersecurity practitioners overestimated their OT security maturity. In 2023, the number of respondents who consider their organization’s OT security posture as “highly mature” fell to 13% from 21% the year before. That suggests growing awareness among OT professionals and more effective tools for self-assessing their organizations’ cybersecurity capabilities. Nearly one-third of respondents indicated that both IT and OT systems were impacted by a cyberattack, up from only 21% last year.

  • The connected device explosion underscores complexity challenges for OT organizations. Nearly 80% of respondents reported having more than 100 IP-enabled OT devices in their OT environment. That highlights how significant a challenge it is for security teams to secure an ever-expanding threat landscape. And the problem compounds with aging systems, with 74% of organizations reporting that the average age of industrial control systems across their organization is between six and 10 years.

  • While nearly every organization faces an uphill battle when it comes to finding qualified security practitioners due to the growing cybersecurity skills shortage, report findings suggest OT organizations are continuing to prioritize cybersecurity. Nearly every organization plans on placing the responsibility for OT cybersecurity under a CISO in the next 12 months rather than an operations executive or team.

Opportunities to Help OT Organizations

Nelson said there are many opportunities for partners to help OT organizations improve their cybersecurity posture.

“One of the challenges OT organizations have when it comes to strengthening their security posture is solution sprawl,” he said. “Security solutions are obviously helpful, but organizational leaders need a better way to get a handle on all of them. Consolidation can reduce complexity and accelerate outcomes. OT organizations should develop an OT cybersecurity platform strategy, which requires partnering with vendors that engineer their products with integration and automation in mind.”

Cybersecurity providers should play a role in helping organizations consistently incorporate and enforce policies across the increasingly converged IT/OT landscape, as opposed to just selling more disparate solutions, Nelson said.

“Another area that cybersecurity providers can help with is training and cyber hygiene to help organizations ensure they are using the tools correctly and that all employees know what to watch out for in terms of things like phishing attacks, etc.,” he said.


About the Author

Edward Gately

Senior News Editor, Channel Futures

As senior news editor, Edward Gately covers cybersecurity, new channel programs and program changes, M&A and other IT channel trends. Prior to Informa, he spent 26 years as a newspaper journalist in Texas, Louisiana and Arizona.
