Operational technology (OT) infrastructure is facing an unprecedented wave of cyber attacks, with a 73% increase in incidents reported in the Fortinet 2024 State of Operational Technology and Cybersecurity Report. OT organizations responsible for critical infrastructure and industrial processes often find themselves in the crosshairs of evolving threat actors.
However, there is a silver lining. Although intrusions have increased, organizations are taking strong steps to improve OT security. Leadership structures are adapting, and the technology that protects OT systems is becoming more robust. Still, the challenge of securing integrated IT/OT environments continues, making it critical that managers, especially Chief Information Security Officers (CISOs), stay informed about the changing threat landscape.
A C-suite mindset shift
The rise of OT cybersecurity risk to the top level of management marks a major shift in business priorities. Fortinet’s 2024 report is the sixth edition, and six years ago, OT security was often overlooked. Many factories operated in isolation from IT systems, but as factories have increasingly connected their workplaces to external networks, weaknesses have become apparent.
Today, OT security is a priority in every industry sector, with many companies realizing the need to protect their critical infrastructure. OT security now falls within the responsibilities of the CISO, as well as those of other C-suite leaders such as the CIO, COO, and CTO. This joint commitment reflects a broad understanding that protecting OT environments is critical to ensuring business continuity and mitigating operational risk.
New threats and targeted attacks
Threat actors are sharpening their focus on OT networks, especially in the manufacturing sector. The Fortinet report highlights the rise of attacks aimed at discrediting brands and stealing important business data and intellectual property. Criminals have also started making money from disrupting production lines, including this in their ransom demands.
Additionally, two types of attacks are becoming more common. The first is traditional ransomware, which can stop production and disrupt critical infrastructure. The second, more concerning, is OT-specific malware designed to manipulate physical mechanisms such as valves, switches, and conveyor belts. These attacks, often state-sponsored, pose a serious threat to national infrastructure and business assets.
The modernization challenge
Despite progress, many OT environments continue to struggle with modernization. Old manufacturing equipment, designed for reliability rather than security, creates blind spots. These legacy systems often use outdated communication protocols and are difficult to secure without full visibility.
To address this situation, organizations must consolidate their OT assets, implement next-generation firewalls, and segment their networks. As OT security evolves, adopting a zero-trust approach and integrating advanced security operations (SecOps) becomes increasingly important. The report shows varying maturity among organizations: some are at the beginning of their journey, while others are adopting advanced SecOps strategies.
Steps to take for leaders
Technology leaders can take immediate steps to protect their OT environments:
- Improve network segmentation: Add firewalls and switches to segment OT networks, reducing the risk of lateral movement by bad actors.
- Address legacy systems: Most OT devices are too old to receive security patches. Use compensating controls such as microsegmentation, virtual patching, and deception technologies to protect these vulnerable systems.
- Develop OT SecOps: Plan for a future where OT-specific SecOps tools and processes are integrated into unified IT/OT security operations centers. This ensures complete coverage of different OT devices and network connections.
- Consolidate security vendors: Given the shortage of skilled OT security professionals, consolidating security vendors can help streamline operations and improve efficiency.
- Use advanced threat intelligence: As the threat landscape evolves rapidly, having AI-driven, real-time intelligence is essential. This helps organizations stay ahead of emerging threats and improve their security posture.
Using a security platform approach can greatly improve these efforts. The Fortinet OT Security platform, for example, offers comprehensive, integrated, and automated solutions that include secure communications, zero trust, and OT-specific threat intelligence. This holistic approach helps organizations consolidate vendors and strengthen their OT defenses against the latest cyber threats.
Make cybersecurity a priority
In an era where OT systems are increasingly connected to the digital world, cybersecurity must be a top priority for management. Taking an agile approach by improving visibility, modernizing legacy systems, and using advanced threat intelligence can help protect organizations from evolving threats while ensuring the operational efficiency of critical infrastructure.