Digital transformation (DX) is driving efficiency gains and cost reduction, but it also promotes the integration of informational technology (IT) and operation technology (OT) networks. This integration exposes OT networks to a growing threat landscape. With DX, OT networks also see more industrial internet-of-thing (IIoT) devices gathering data and sharing information across the network.
Manufacturing leaders are becoming increasingly aware of the cyber risks surrounding operational technology (OT). With this understanding, more are allocating time and investment into cyber security strategies for OT environments.
Fortinet conducted research to gather insights from leaders within OT organisations on their priorities and concerns associated with security for OT and IT solutions. According to the research, 9 out of 10 organisations experienced at least one intrusion in the past year, and 63% had three or more intrusions, which is similar to the results in 2020.
Operational Technology Risk is Real
The research revealed that around 43% of operational outages negatively impacted productivity, followed by reputational damage (19%) and safety risks (18%). Understanding the pain points for OT and the barriers to successful operations allows businesses to determine their next steps for implementing cyber security measures.
Research carried out by Fortinet provides some crucial feedback on the types of operational cyberattacks. The research shows 12 categories of attack:
- Phishing attempts
- Malware attacks
- Mobile Security Breach
- Insider Breaches: Well-Intentioned/Careless
- Ransomware attacks
- Insider Breaches: Bad Actor
- Structured Query Language (SQL) Injection
- ‘Man-in-the-middle’ attacks
- Distributed denial-of-service (DDoS) attacks
- Zero-day attacks
Fortinet explains in the report how the top two types of cyberattack - Phishing and Malware – are becoming increasingly more sophisticated over time.
Barriers to Effective Response Management
Without adequate knowledge in place, it can be difficult for manufacturers to implement response management systems. Fortinet’s research found many barriers to effective implementation of response management, and some of them were found to be significant issues that hindered progress. These include:
- Insufficient resources.
- Fast-paced changes in risk.
- Undefined policies, procedures, or best practices.
- Inadequate tools or technology.
- Scarcity of talent or expertise.
- Lack of training.
- Ineffective communication between IT and OT.
- Unclear roles and responsibilities.
- Regulatory change.
According to the research, the most significant barriers were insufficient resources (46%), fast-paced changes in risk (44%), and undefined policies and procedures (40%).
Secure Manufacturing Technology
A majority of OT leaders report the maturity of their security posture as at least Level 2 access, which means they have established visibility, segmentation, access, and profiling. At Level 2, they have complete role-based access and are working to achieve zero trust by enforcing multi-factor authentication. In fact, 99% of surveyed respondents were above Level 0, which means only 1% have absolutely no visibility or segmentation in place in OT. Although progress is being made, there is room to grow.
Fortinet provides the security expertise and solutions to provide manufacturers with broad visibility and control to support their IT and OT infrastructure.
Read Fortinet’s full report or visit Fortinet.com for more information.