OT Security: The Challenges for Organizations by Redazione LineaEDP 29/06/2022

According to a global report by Fortinet , 93% of OT organizations have experienced an attack in the last 12 months and 78% more than three

Fortinet has published its 2022 Global Report on Operational Technology and Cybersecurity, which surveyed more than 500 OT professionals globally. With industrial control environments continuing to be a target for cybercriminals – 93% of Operational Technology (OT) organizations have in fact suffered an intrusion in the last 12 months – the survey highlights widespread gaps in industrial security and points to opportunities for improvement in this area. The evidence that emerged is numerous • OT activities lack centralized visibility, which increases security risks. Fortinet's survey found that only 13% of respondents achieved centralized visibility of all OT activities. In addition, only 52% of organizations are able to monitor all OT activities from the security operations center (SOC). At the same time, 97% of global organizations consider OT to be of medium/high importance relative to their overall security risk. The report's findings, however, indicate that the lack of centralized visibility contributes to organizations' OT security risks and weakening the level of security. • Intrusions into OT security have a significant impact on organizations' productivity and revenues. The Fortinet survey found that 93% of OT organizations have experienced at least one intrusion in the past 12 months, and 78% have experienced more than three. As a result of these threats, nearly 50% of organizations experienced an outage of operations that affected productivity, in addition to 90% of intrusions took several hours to restore service. In addition, one-third of respondents were impacted by revenue, data loss, compliance and brand value as a result of security intrusions. • Operational Technology security management is not uniform across organizations. According to the Fortinet report, OT security management is primarily about managerial roles, from the Director of Plant Operations to the Manager of Manufacturing Operations. Only 15% of respondents say that the CISO is responsible for OT security in their organization. • OT security is gradually improving, but security gaps still exist in many organizations. When asked about the maturity of their OT security posture, only 21% of organizations have reached level 4, which includes orchestration and management. In particular, a higher percentage of respondents in Latin America and the APAC region reached level 4, when compared to other regions. More than 70% of organizations are halfway through the process that will lead them to achieve an advanced Operational Technology security posture . At the same time, organizations are faced with the problem of using multiple OT security tools, which contribute to creating additional gaps in their level of security. The survey found that most organizations use two to eight different vendors for their industrial devices and have between 100 and 10,000 devices in operation, which adds complexity to the system. OT security is an enterprise-wide concern As OT systems are increasingly becoming an attractive target for cybercriminals, C-level leaders recognize the importance of protecting these environments to reduce risks for the organizations in which they operate. Industrial systems have become a significant risk factor as these environments were initially isolated from IT and enterprise networks, but today these two infrastructures are increasingly integrating with each other. As industrial systems are now connected to the Internet and accessible from anywhere, the attack surface of organizations is increasing significantly. As the IT threat landscape becomes increasingly sophisticated, connected OT systems have also become vulnerable to these growing threats. This combination of factors is causing cybersecurity to gain positions in the risk portfolio of many organizations. OT security is a growing concern for executive leaders, increasing the need for organizations to move to comprehensive protection of their industrial control (ICS) and supervisory control and data acquisition (SCADA) systems. Best Practices for Overcoming OT Security Challenges Fortinet's 2022 Global Operational Technology and Cybersecurity Report suggests methods that can help organizations address VULNERABILITIES in OT systems and strengthen their overall security posture. In particular, organizations may: • Establish Zero Trust access to prevent breaches. With more and more industrial systems connected to the network, Zero Trust Access solutions ensure that any user, device, or application without proper credentials and permissions is denied access to critical assets. To improve OT security, Zero Trust Access solutions can further defend organizations from internal and external threats. • Implement solutions that provide centralized visibility of OT activities. Centralized, end-to-end visibility of all OT activities is critical to ensuring that organizations strengthen their security posture. According to the Fortinet report, high-level organizations — which account for 6 percent of respondents who have not reported attacks in the past year — were more than three times more likely to gain centralized visibility than their intrusion counterparts. • Consolidate security tools and vendors for integration between environments. To remove complexity and gain centralized visibility of all devices, organizations should integrate OT and IT technology across a small number of vendors. By implementing integrated security solutions, organizations can reduce their attack surface and improve their security posture. • Implement network access control (NAC) technology. The organizations that have avoided falling victim to intrusions in the past year are the ones most likely to have a role-based NAC, which can ensure that only authorized persons can access critical systems for the protection of digital assets. Fortinet Protects OT Environments with security fabric For more than a decade, Fortinet has protected OT environments in critical industries such as energy, defense, manufacturing, power and transportation. By designing security in complex infrastructures using the Fortinet Security Fabric, organizations can ensure that their OT environment is protected and compliant. With full integration and threat intelligence sharing, businesses get fast, automated responses to attacks with any vector. Fortinet's Security Fabric covers the entire IT-OT converged network to fill OT security gaps, provides complete visibility, and simplifies management.