Operational technology (OT) infrastructure is experiencing an unprecedented wave of cyberattacks, with a reported 73% surge in incidents, according to the Fortinet 2024 State of Operational Technology and Cybersecurity Report. OT organizations responsible for critical infrastructure and industrial processes often find themselves in the crosshairs of increasingly sophisticated threat actors.
However, there's a silver lining. Although cyber intrusions have risen, organizations are taking concrete steps to strengthen OT security. Leadership structures are adapting, and the technologies safeguarding OT systems are becoming more robust. Yet the challenge of securing converged IT/OT environments persists, making it essential for executives, particularly Chief Information Security Officers (CISOs), to stay informed on the evolving threat landscape.
A C-suite mindset shift
The elevation of OT cybersecurity risks to the executive level marks a significant shift in corporate priorities. The 2024 Fortinet report is the sixth edition, and six years ago, OT security was often overlooked. Many factories operated in isolation from IT systems, but over time, as industries have increasingly connected their operational environments to external networks, the vulnerabilities have become apparent.
Today, OT security is a priority across industry sectors, with more companies recognizing the need to protect their critical infrastructure. CISO responsibilities now include OT security, alongside other C-suite leaders such as the CIO, COO, and CTO. This collective responsibility reflects a broader understanding that securing OT environments is critical to ensuring business continuity and mitigating operational risks.
New threats and targeted attacks
Threat actors are sharpening their focus on OT networks, particularly in the manufacturing sector. The Fortinet report highlights an uptick in attacks aimed at degrading brand reputation and stealing critical business data and intellectual property. Criminals have also begun monetizing the disruption of production lines, factoring this into their ransom demands.
Additionally, two types of attacks are becoming increasingly prevalent. The first is traditional ransomware, which can halt production and disrupt critical infrastructure. The second, more concerning, is OT-specific malware designed to manipulate physical processes such as valves, switches, and conveyor belts. These attacks, often state-sponsored, pose a significant risk to national infrastructure and corporate assets.
The challenge of modernization
Despite improvements, many OT environments continue to struggle with modernization. Older manufacturing equipment, designed for reliability rather than security, creates blind spots. These legacy systems often use outdated communication protocols and are difficult to secure without first achieving full visibility.
To address this situation, organizations must inventory their OT assets, implement next-generation firewalls, and segment their networks. As OT security matures, adopting a zero-trust approach and incorporating advanced security operations (SecOps) becomes increasingly important. The report reveals a spectrum of maturity among organizations, with some still at the beginning of their journey while others are embracing cutting-edge SecOps strategies.
Action steps for leaders
Technology leaders can take immediate actions to secure their OT environments:
- Enhance network segmentation: Deploy additional firewalls and switches to segment OT networks, reducing the risk of lateral movement by bad actors.
- Address legacy systems: Many OT devices are too old to receive security patches. Implement compensating controls like microsegmentation, virtual patching, and deception technologies to protect these vulnerable systems.
- Develop OT SecOps: Plan for a future where OT-specific SecOps tools and processes are integrated into joint IT/OT security operations centers. This ensures comprehensive coverage of unique OT devices and network communications.
- Consolidate security vendors: Given the shortage of skilled OT security professionals, consolidating security vendors can help streamline operations and improve efficiency.
- Leverage advanced threat intelligence: As the threat landscape evolves rapidly, having AI-driven, real-time threat intelligence is critical. This helps organizations stay ahead of emerging threats and optimize their security posture.
Using a platform approach to security can greatly enhance these efforts. The Fortinet OT Security platform, for example, offers broad, integrated, and automated solutions that include secure networking, zero trust, and OT-specific threat intelligence. This holistic approach helps organizations consolidate vendors and strengthen their OT defenses against the latest cyber threats.
Make cybersecurity a priority
In an era where OT systems are increasingly connected to the digital world, cybersecurity must be a top priority for executives. Taking a proactive approach by improving visibility, modernizing legacy systems, and leveraging advanced threat intelligence can help protect organizations from evolving threats while ensuring the smooth operation of critical infrastructure.