A recent report was published by Fortinet, unveiling a significant increase in cyberattacks targeting operational technology (OT) systems, which has raised concerns for organisations worldwide about the urgent need to strengthen cybersecurity measures. According to the 2024 State of Operational Technology and Cybersecurity Report, 73 per cent of organisations have reported experiencing an intrusion impacting either OT systems alone or both OT and IT systems. This marks a substantial surge from 49 per cent the previous year.
John Maddison, Chief Marketing Officer at Fortinet, emphasized the gravity of these findings, stating that while OT organisations are making progress in fortifying their security posture, they are still encountering significant challenges in securing converged IT/OT environments. Maddison stressed the importance of adopting essential tools and capabilities to enhance visibility and protections across the entire network, ultimately reducing the mean time to detection and response, and minimizing the overall risk of these environments.
Of particular concern is the revelation that nearly one-third of respondents reported experiencing more than six intrusions within the past year, a notable increase from 11 per cent in the previous year’s survey. This upsurge in breaches includes common types of intrusions such as phishing and compromised business emails, with techniques like mobile security breaches and web compromise being the predominant methods used by threat actors.
The report also highlights a troubling decline in the ability of organisations to maintain comprehensive visibility over their OT environments, with only five per cent of respondents claiming to have complete visibility, a decrease from 10 per cent the previous year. However, the number of respondents reporting 75 per cent visibility has increased, indicating progress towards a more realistic understanding of their cybersecurity posture.
The report notes, “As threats grow more sophisticated, the data suggests that most organisations still have blind spots in their environment.” More than half of the respondents (56 per cent) reported experiencing ransomware or wiper intrusions, signifying an increase from 32 per cent the year before, further highlighting the imperative need for enhanced network visibility and detection capabilities.
Fortinet’s findings also indicate that responsibility for OT cybersecurity is becoming increasingly prominent within executive leadership teams. There has been a noticeable shift in aligning OT security with the role of the Chief Information Security Officer (CISO), which has grown from 17 per cent to 27 per cent. Additionally, there is an emerging trend towards assigning OT responsibility to other C-suite executives such as Chief Information Officers (CIO), Chief Technology Officers (CTO), and Chief Operating Officers (COO), with expectations for this alignment to reach upwards of 60 per cent within the next 12 months.
To address these cybersecurity challenges, the report outlines several best practices for organisations. These include deploying segmentation to create network zones with strong policy controls, establishing comprehensive visibility and compensating controls for OT assets, integrating OT into security operations and incident response plans, and embracing OT-specific threat intelligence and security services. A platform-based approach to overall security architecture is also recommended to simplify and consolidate the cybersecurity infrastructure.
In conclusion, the surge in cyberattacks targeting operational technology systems underlines the critical need for organisations to bolster their cybersecurity measures. The findings of the report serve as a sobering reminder of the escalating sophistication of cyber threats and the pressing need for organisations to embrace robust security strategies to safeguard their OT environments.