Operational technology security remains a challenge for business leaders

Friday, 31 July 2020 00:00 -     - {{hitsCtrl.values.hits}}



  • 2020 State of Operational Technology and Cybersecurity Report finds that these intrusions often impacted operational efficiency, revenue and even physical safety

Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, recently announced the findings of its 2020 State of Operational Technology and Cybersecurity Report. 

The survey finds that operational technology (OT) leaders are highly respected in their organisations and that their teams are vital to their companies’ bottom lines. Cybersecurity continues to be an integral part of their daily work and that work continues to be a struggle.

The survey of OT leaders conducted by Fortinet indicates that only 8% of respondents had seen no intrusions over the past 12 months. The finding also shows a significant percentage of organisations have not extended some elements of basic security hygiene into their OT environments.

A deeper look into the data highlights:

OT infrastructures still lack core cybersecurity protection

The majority of responding organisations reported that they had been largely unsuccessful at preventing cyber criminals from exploiting their systems. Among those surveyed, it was also found that: 

90% have experienced at least one intrusion in the past year 

72% have experienced three or more intrusions in the past year

26% have experienced six or more intrusions in the past year

The impact of these exploitations was also noted by respondents, with more than half (51%) documenting lost productivity, 37% seeing operational outages impacting revenue, and 39% having their physical safety put at risk—a significant concern considering the inherent dangers of industrial facilities.  

OT leaders also noted the commonality of specific attack methods, including malware (60%), phishing (43%), hackers (39%), ransomware (37%), denial-of-service (DDoS) attacks (27%), and insider breaches (18%). 

The report also revealed gaps in many OT infrastructures that include security. For roughly 40%-50% of those organisations surveyed, the following protocols and security features were missing:

Nearly 4 out of 10 do not have Security Information and Event Management (SIEM)

Half of them do not have a Technical Operations Center (TOC)

*Half of them do not have a Security Operations Center (SOC) 

*More than half do not have a Network Operations Center (NOC)

47% yet to implement internal network segmentation

59% yet to implement network access control

While more than half 58% of organisations are seeing their budgets increase in 2020, it should also be noted that 15% are instead seeing a decrease in funding, which could be attributed to COVID-19-related revenue losses. 

OT leaders have broad responsibilities that often include cybersecurity

OT leaders typically report to higher-ranking individuals within the organisation, such as a VP, COO, or the CEO. The overwhelming majority (80%) are also regularly involved in making cybersecurity decisions, with half having the final say in those decisions. 

Around 64% of OT leaders have also taken on the responsibility of embedding security within the operations process, and 71% are regularly involved in IT cybersecurity strategy. Because cybersecurity is a top priority for these individuals, trends show that matters related to OT security will soon become the responsibility of the CISO, if they are not already. 

The inevitability of this shift is highlighted by the fact that most, (61%) respondents stated that they expect their CISO to take on all OT security responsibilities in the coming year. This is likely due to the increased risk of connected OT systems and their impact on business continuity. 

OT leaders still struggle with security measurements and analysis

The survey found that between 36% and 57% of organisations lack consistency when it comes to measuring items on a list of standard metrics. Among the most commonly tracked and reported areas are vulnerabilities (64%), intrusions (57%) and cost reduction resulting from cybersecurity efforts (58%). Conversely, less than half of organisations (43%) are known to report on tangible risk management outcomes, and 39% to 50% do not routinely share basic cybersecurity data with senior executive leadership.

Respondents also cited security analysis, monitoring, and assessment tools as among the most essential features in security solutions, with the majority 58% ranking these specific attributes in the top 3. Despite the prioritisation of these features, however, 53% reported that security solutions hinder operational flexibility and half reported that they create more complexity.

Commenting on this report, India and SAARC at Fortinet Regional Vice President Rajesh Maurya said, “OT Leaders find it challenging to deploy the right security tools and keep up with increasingly sophisticated cyber threats that await their newly-connected systems.”

“As OT systems lose their air gaps and become integrated with IT systems, OT leaders will need to reinforce security awareness by implementing best practices, bolster their systems with centralised visibility and take a proactive approach to security to turn the tables on cybercriminals and help protect their critical OT infrastructures”.