Fortinet report finds 75% of OT organizations experienced intrusion last year
Fortinet announced the findings from its global 2023 State of Operational Technology and Cybersecurity Report. The results represent the current state of operational technology (OT) security and point to the opportunity for continued improvement for organizations to secure an ever-expanding IT/OT threat landscape. In addition to the latest trends and insights impacting OT organizations, the report also provides a roadmap to help IT and security teams better secure their environments.
“Fortinet’s 2023 State of Operational Technology and Cybersecurity Report shows that, while OT organizations have improved their overall cybersecurity posture, they also have continued opportunity for improvement,” said John Maddison, EVP products and CMO at Fortinet. “Networking and IT teams are under extraordinary pressure to adapt and become more OT-aware, and organizations are shifting to find and employ solutions that implement security across their entire IT/OT environment to reduce their overall security risk.”
Key findings from the global survey include:
· OT continues to be targeted by cybercriminals at a high rate: While the number of organizations that did not incur a cybersecurity intrusion improved dramatically YoY (from 6% in 2022 to 25% in 2023), there is still significant room for improvement. In fact, three-fourths of OT organizations reported at least one intrusion in the last year, and nearly one-third of respondents reported being victims of a ransomware attack in the last year (32%, unchanged from 2022). Intrusions from malware and phishing increased 12% and 9%, respectively.
· Cybersecurity practitioners overestimated their OT security maturity: In 2023, the number of respondents who consider their organization's OT security posture as “highly mature” fell to 13% from 21% the year before, suggesting growing awareness among OT professionals and more effective tools for self-assessing their organizations’ cybersecurity capabilities. Nearly one-third (32%) of respondents indicated that both IT and OT systems were impacted by a cyberattack, up from only 21% last year.
· The connected-device explosion underscores complexity challenges for OT organizations: Nearly 80% of respondents reported having greater than 100 IP-enabled OT devices in their OT environment, highlighting just how significant a challenge it is for security teams to secure an ever-expanding threat landscape. Survey findings revealed that cybersecurity solutions continue to aid in the success of most (76%) OT professionals, particularly by improving efficiency (67%) and flexibility (68%). However, report data also indicates that solution sprawl makes it more difficult to consistently incorporate, employ, and enforce policies across an increasingly converged IT/OT landscape. And the problem compounds with aging systems, with the majority (74%) of organizations reporting that the average age of ICS systems across their organization are between six and 10 years old.
· Alignment of OT security under the CISO bodes well for the industry: While nearly every organization faces an uphill battle when it comes to finding qualified security practitioners due to the growing cybersecurity skills shortage, report findings suggest OT organizations are continuing to prioritize cybersecurity. A key indicator is that nearly every (95%) organization plans on placing the responsibility for OT cybersecurity under a chief information security officer (CISO) in the next 12 months, rather than an operations executive or team. The findings also reveal that OT-cybersecurity professionals now come from IT-security leadership rather than product management, and influence on cybersecurity decisions is shifting away from operations and to other leaders, especially CISO/CSO roles.