Still many unprotected OT systems
Many industrial environments are still poorly protected against attacks. According to a report by Fortinet, 93 percent of organizations fell victim to such an attack last year. One problem often lies in responsibility.
According to a Fortinet report very many operational security ("OT") environments remain poorly protected from attack. A survey of 500 global planners revealed that 93 percent of OT organizations experienced one breach in the past year, while 78 percent experienced more than three.
High level of operational failures
Fortinet's study highlights the increasing importance of achieving improvements in network efficiency, responsiveness and profitability. Interventions in OT security usually have serious consequences on a company's productivity.
As a result, nearly 50 percent of the companies surveyed experienced business interruptions that impacted business continuity. In 90 percent of cases, it would have taken hours or longer to restore operations.
Too many different providers
One problem was often responsibility. According to the companies surveyed, this was regulated inconsistently in many cases. Only 15 percent of respondents stated who exactly was responsible for OT security in their company.
While OT security is gradually improving, many companies continue to experience security gaps. Fortinet's report also found that the vast majority of companies use between two and eight different security vendors to protect their industrial devices and have between 100 and 10,000 devices in use. This complexity, Fortinet said, continues to be a major challenge.
Fortinet's State of Operational Technology and Cybersecurity Report 2022 points to some "best practices" such as:
- Deploy solutions that provide a central overview of all OT activities: Focused, end-to-end visibility of industrial activities is therefore of utmost importance for companies that require airtight security.
- Consolidate security vendors and solutions: To reduce complexity and gain a centralized view of devices, organizations should integrate their OT and IT technology and partner with fewer vendors. By using integrated security solutions, security teams can reduce their organization's attack surface and improve security.
