Study reveals gaps in many OT infrastructures that include security
Operational Technology (OT) leaders are highly respected in their organizations and that their teams are vital to their companies’ bottom lines. Cybersecurity continues to be an integral part of their daily work and that work continues to be a struggle, according to Fortinet’s 2020 State of Operational Technology and Cybersecurity Report.
The survey of OT leaders conducted by Fortinet indicates that only 8% of respondents had seen no intrusions over the past 12 months. The finding also shows a significant percentage of organizations have not extended some elements of basic security hygiene into their OT environments.
A deeper look into the data highlights:
The majority of responding organizations reported that they had been largely unsuccessful at preventing cyber criminals from exploiting their systems. Among those surveyed, it was also found that:
- 90% have experienced at least one intrusion in the past year
- 72% have experienced three or more intrusions in the past year
- 26% have experienced six or more intrusions in the past year
The impact of these exploitations was also noted by respondents, with more than half 51% documenting lost productivity, 37% seeing operational outages impacting revenue, and 39% having their physical safety put at risk—a significant concern considering the inherent dangers of industrial facilities.
OT leaders also noted the commonality of specific attack methods, including malware (60%), phishing (43%), hackers (39%), ransomware (37%), denial-of-service (DDoS) attacks (27%), and insider breaches (18%).
OT Infrastructures Still Lack Core Cybersecurity Protection
The report also revealed gaps in many OT infrastructures that include security. For roughly 40% - 50% of those organizations surveyed, the following protocols and security features were missing:
- Nearly 4 out of 10 do not have Security Information and Event Management (SIEM)
- Half of them do not have a Technical Operations Center (TOC)
- Half of them do not have a Security Operations Center (SOC)
- More than half do not have a Network Operations Center (NOC)
- 47% yet to implement Internal network segmentation
- 59% yet to implement Network access control
While more than half 58% of organizations are seeing their budgets increase in 2020, it should also be noted that 15% are instead seeing a decrease in funding, which could be attributed to COVID-19-related revenue losses.
OT Leaders Have Broad Responsibilities That Often Include Cybersecurity
OT leaders typically report to higher-ranking individuals within the organization, such as a VP, COO, or the CEO. The overwhelming majority (80%) are also regularly involved in making cybersecurity decisions, with half having the final say in those decisions. 64% of OT leaders have also taken on the responsibility of embedding security within the operations process, and 71% are regularly involved in IT cybersecurity strategy.
Because cybersecurity is a top priority for these individuals, trends show that matters related to OT security will soon become the responsibility of the CISO, if they are not already. The inevitability of this shift is highlighted by the fact that most 61% respondents stated that they expect their CISO to take on all OT security responsibilities in the coming year. This is likely due to the increased risk of connected OT systems and their impact on business continuity.
OT Leaders Still Struggle with Security Measurements and Analysis
The survey found that between 36% and 57% of organizations lack consistency when it comes to measuring items on a list of standard metrics. Among the most commonly tracked and reported areas are vulnerabilities (64%), intrusions (57%) and cost reduction resulting from cybersecurity efforts (58%). Conversely, less than half of organizations (43%) are known to report on tangible risk management outcomes, and 39% to 50% do not routinely share basic cybersecurity data with senior executive leadership.
Respondents also cited security analysis, monitoring, and assessment tools as among the most essential features in security solutions, with the majority 58% ranking these specific attributes in the top 3. Despite the prioritization of these features, however, 53% reported that security solutions hinder operational flexibility and half reported that they create more complexity.
Rajesh Maurya Regional Vice President, India & SAARC at Fortinet said, “OT Leaders find it challenging to deploy the right security tools and keep up with increasingly sophisticated cyber threats that await their newly-connected systems. As OT systems lose their air gaps and become integrated with IT systems, OT leaders will need to reinforce security awareness by implementing best practices, bolster their systems with centralized visibility and take a proactive approach to security to turn the tables on cybercriminals and help protect their critical OT infrastructures”.