Operational technology (OT) is the cyber physical foundation that enables the world’s factories, energy production and transmission facilities, transportation networks, and utilities to function. To boost operational efficiency and profitability, many OT companies have been integrating OT infrastructure and thereby indirectly connecting supervisory control and data acquisition (SCADA) systems with IT networks to manage actionable data across a formerly air-gapped framework. However, the improved agility and efficiency derived from digitally connected OT-IT networks comes with increased cybersecurity risk.
To understand the types of threats facing operational technology and how OT teams can mitigate these threats, Fortinet conducted a survey of organizations in critical industries with greater than 2,500 employees. We surveyed plant and manufacturing operations leaders in:
- Energy and utilities
The results are compiled in the Fortinet 2021 State of Operational Technology and Cybersecurity Report. The report illuminates where OT is most vulnerable, the types of cyberattacks organizations face, current security tactics, and the areas where cybersecurity protocols need improvement.
Security Struggles Continue within OT Organizations
This year’s report indicates that OT leaders continue to be involved in cybersecurity, but it remains a struggle. And over the past year, the pandemic only added to the security issues leaders had to face. The momentum for OT-IT network convergence was evident pre-pandemic, but the effects of pandemic-driven innovation accelerated digital transformation and increased extended connectivity.
Facing the challenge of extending the plant environment to accommodate remote work, many organizations had to increase their technology budgets to support rapid solution deployment. Seeking to benefit where possible from the many changes brought about by the pandemic, many OT leaders are looking for new ways to streamline processes and reduce future costs.
Although progress is being made, there is room for improvement. Most OT organizations are not leveraging orchestration and automation and their security readiness was further taxed by the COVID-19 crisis. OT-IT network convergence coupled with an ever-increasing advanced threat landscape and coping with pandemic-related issues made it even more difficult for OT leaders to stay ahead of disruptive cyber adversaries.
The Fortinet study highlights four key insights about the current state of OT security across organizations.
Overcoming the OT Challenges
Arguably, the demand for resiliency that is achieved from implementing cybersecurity best practices has gained amplified interest over the past 12 months. Despite that interest, the 2021 report indicates that OT leaders continue to struggle. Increased digital connectivity of OT and IT networks rolls on, yet in this year’s survey only 7% of OT leaders reported no intrusions. It’s clear that many organizations face challenges when it comes to security practices and ultimately protecting their infrastructure from today’s increasingly sophisticated cyber threats.
With that said, top-tier OT organizations are realizing cybersecurity success and managing to weather the unusual situation brought on by the pandemic and the corresponding rapid innovation. Those top-tier organizations continue to make a commitment to promoting centralized visibility and taking a proactive approach to security to protect their critical systems.
Learn how Fortinet secures the convergence of OT and IT. By designing security into complex infrastructure via the Fortinet Security Fabric, organizations have an efficient, non-disruptive way to ensure that the OT environment is protected and compliant.
Read these customer use cases to find out how Houston County Electric Cooperative used Fortinet’s OT Security Solutions to protect their distributed networks and critical infrastructure.