The current and future state of smart OT security

Issue 5 2022 Industrial (Industry), Information Security, Infrastructure

It’s no surprise that security and network professionals working in operational technology (OT) environments are eager to take advantage of the emerging capabilities of digital transformation. Adopting modern technologies like cloud computing, machine automation and the Internet of Things (IoT) across the industrial sector offers many potential benefits, ranging from streamlined processes that contribute to increased staff productivity to decreased plant downtime.

However, a new report published by Smart Industry and sponsored by Fortinet explores the challenges these decision makers face when balancing the acceleration of their digital transformation efforts with the creation and maintenance of a strong security programme. The report also highlights smart OT security strategies that leaders can employ to support their digital transformation efforts while guarding against clever threat actors.

Smart Industry surveyed 109 professionals in the manufacturing industry across companies of all sizes, with 21% of respondents holding C-level roles within their organisation. Respondents represent a wide range of verticals within OT: utilities, chemical/pharmaceutical, automotive, and oil and gas.

Cybersecurity awareness growing in OT environments

Most modern industrial systems weren't built with security in mind. Yet as OT and IT networks coverage, OT is increasingly vulnerable to cyberattacks.

The good news is that 63% of the network and security leaders surveyed are aware of and involved with the security practices related to their organisation’s OT efforts. The majority of respondents (83%) also recognise that greater connectivity makes their assets more vulnerable to cyberattacks.

However, despite this awareness, nearly 60% of these respondents also revealed that their organisation suffered at least one breach during the past 12 months, with 10% experiencing four or more. A few said they'd experienced 11 or more.

The most troubling finding is that 25% said they “didn’t know” if their OT environment had been compromised in the past year.

While it’s easy to assume an environment is protected, operating with an “assume breach” mindset often motivates organisations to establish more robust security protocols. This shift gives them greater visibility into their environment so they can, among other things, confidently say whether they’ve experienced a breach.

Malware and phishing top the list of OT cyberattacks

Of the decision makers whose organisations experienced security incidents in the past 12 months, 71% said they’d suffered a malware or phishing attack. Other incident types experienced by respondents included those related to the exploitation of known vulnerabilities (32%), ransomware (25%) and social engineering (25%).

The prevalence of malware and phishing attacks isn’t surprising, as malware and phishing attempts are widespread. They’re easier for clever attackers to implement, and when payments are requested of the victims, they are usually far less than what’s asked as part of a larger-scale ransomware attack.

Operational outages and data loss

One of the biggest concerns of a successful attack on an OT system is downtime. Manufacturing floors can lose thousands or tens of thousands of dollars for every hour they’re offline. And those fears are justified given that, of the respondents whose organisations experienced a breach in the past year, 59% said the breach caused an operational outage and impacted productivity. The ongoing fallout from these attacks is also concerning, with respondents saying they lost business-critical data (28%) and intellectual property (25%) because of a breach.

While security incidents are inevitable, how organisations respond to and recover from cyberattacks is a strong indicator of the effectiveness of the risk management strategies they have in place.

The good news is that more than 80% of respondents said they have the capability to accurately detect and respond to a security incident that occurs in their OT environment. What's even better: more than a third of respondents (35%) recently performed a cyber-risk audit and/or an OT-specific security assessment. Another 27% performed one or both of these assessments within the past year.

These proactive cybersecurity practices indicate a strong commitment to exposing and addressing vulnerabilities to improve the overall health of an organisation's security programme.

OT security is a mixed bag

What’s clear from the report is that there isn’t always a clear connection between awareness, intention and results. OT teams that are aware of cyber risks are still being breached, often several times a year. Part of the challenge is the trade-off that many teams make between digital transformation and cybersecurity. As organisations accelerate their digital transformation efforts, their exposure to cyber risk increases. If not managed carefully, speeding up systems and processes can amplify errors and mask the ability to detect and recover from a breach in a timely manner.

The report offers additional ideas for better securing OT systems, such as adopting a Zero Trust approach to security, properly segmenting IT and OT environments, and regularly auditing an organisation's security programme. Additional measures, such as deploying a unified security framework across both IT and OT networks, help ensure that security systems can share and correlate threat intelligence, consistently enforce policy, and implement AI-enhanced automation to detect and respond to threats in real time.

Read the full report at www.fortinet.com/resources-campaign/research-papers/smart-ot-cybersecurity-from-c-suite-to-strategy


Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Upgrade your PCs to improve security
Information Security Infrastructure
Truly secure technology today must be designed to detect and address unusual activity as it happens, wherever it happens, right down to the BIOS and silicon levels.

Read more...
Open source code can also be open risk
Information Security Infrastructure
Software development has changed significantly over the years, and today, open-source code increasingly forms the foundation of modern applications, with surveys indicating that 60 – 90% of the average application's code base consists of open-source components.

Read more...
Fastest PCIe Gen 5.0 NVMe SSD
Products & Solutions Infrastructure
Sandisk has unveiled the WD_BLACK SN8100 NVMe SSD with PCIe Gen 5.0 technology, an internal SSD delivering speeds up to 14 900 MB/s and capacities up to 4 TB, with 8 TB solutions available soon.

Read more...
SA’s strained, loadshedding-prone grid faces cyberthreats
Power Management Information Security
South Africa’s energy sector, already battered by decades of underinvestment and loadshedding, faces another escalating crisis; a wave of cyberthreats that could turn disruptions into catastrophic failures. Attacks are already happening internationally.

Read more...
Unified storage solution
Products & Solutions Infrastructure
CASA Software has announced the local availability of Nexsan’s upgraded unified storage solution, Unity NV4000, which is ideal for mixed workloads, from virtualisation and video surveillance to secure backup and recovery.

Read more...
Almost 50% of companies choose to pay the ransom
News & Events Information Security
This year’s Sophos State of Ransomware 2025 report found that nearly 50% of companies paid the ransom to get their data back, the second-highest rate of ransom payment for ransom demands in six years.

Read more...
Cybersecurity a challenge in digitalising OT
Kaspersky Information Security Industrial (Industry)
According to a study by Kaspersky and VDC Research on securing operational technology environments, the primary risks are inadequate security measures, insufficient resources allocated to OT cybersecurity, challenges surrounding regulatory compliance, and the complexities of IT/OT integration.

Read more...
Security and privacy: Is one without the other possible?
IoT & Automation Industrial (Industry)
OEMs have a duty to protect privacy as much as security. If security protection is about keeping people out of an embedded device, privacy protection safeguards the data inside the device.

Read more...
From the editor's desk: Showtime for Securex
Technews Publishing News & Events
We have once again reached the time of year when the security industry focuses on Securex. This issue includes a short preview, with more coming online and via our special Securex Preview news briefs. ...

Read more...
Suprema unveils BioStar Air
Suprema neaMetrics News & Events Access Control & Identity Management Infrastructure
Suprema launches BioStar Air, the first cloud-based access control platform designed to natively support biometric authentication and feature true zero-on-premise architecture. BioStar Air simplifies deployment and scales effortlessly to secure SMBs, multi-branch companies, and mixed-use buildings.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.