OT leaders grapple with security challenges

Operational technology (OT) leaders face challenges in preventing cyber criminals from accessing systems and disrupting business. In fact, nine out of 10 organisations in this sector experienced at least one intrusion in the past year.

This was one of the findings of the Fortinet 2021 State of Operational Technology and Cybersecurity Report. The report illuminates where OT is most vulnerable, the types of cyber attacks organisations face, current security tactics and the areas where cyber security protocols need improvement.

Aimed at understanding the types of threats facing OT and how these teams can mitigate these threats, the company surveyed organisations in manufacturing, energy and utilities, healthcare and transportation with more than 2 500 employees.

This year's report indicates that OT leaders continue to be involved in cyber security, but it remains a struggle, says Rick Peters, CISO Operational Technology at Fortinet.

“And over the past year, the pandemic only added to the security issues leaders had to face. The momentum for OT-IT network convergence was evident pre-pandemic, but the effects of pandemic-driven innovation accelerated digital transformation and increased extended connectivity.”

Facing the challenge of extending the plant environment to accommodate remote work, many entities had to increase their technology budgets to support rapid solution deployment, he adds.

Looking to benefit where possible from the many changes brought about by the pandemic, many OT leaders are looking for new ways to streamline processes and reduce future costs.

“Although progress is being made, there is room for improvement. Most OT organisations are not leveraging orchestration and automation and their security readiness was further taxed by the COVID-19 crisis,” he adds.

OT-IT network convergence, together with an evolving threat landscape and managing pandemic-related issues, made it even more difficult for OT leaders to stay ahead of disruptive cyber adversaries, he says.

The survey also revealed that OT leaders weren't prepared for pandemic-related changes, and had to quickly increase spending to manage the processes related to the digital connectivity of IT-OT network assets that are essential to supporting work from home.

These two issues both affected technology budgets. Security operations centres and network operations centres needed more staff and equipment as the pandemic accelerated digital transformation and increased the need for connectivity for secure remote access, he explained.

“Employees working from home and OEMs and system integrators were hampered by their ability to travel. The pandemic accelerated the need for secure remote access as technical staff could not be on-site to perform work in-person.”

Peters says OT entities also faced malware and an increased incidence of insider threats and phishing.

“The survey showed significant growth in phishing attacks, with 58% reporting this type of intrusion, up from 43% last year. The increase in phishing stems from attackers exploiting weaknesses related to the rapid changes to support remote work that emerged at the beginning of 2020.”

He says as employees continue to work remotely, it is apparent that OT organisations need to extend zero trust to their endpoints to address the expanded attack surface.

Finally, the survey highlighted how OT leaders continue to struggle with security measurements.

“OT leaders are tracking and reporting cyber security measurements consistently, with 'cost' falling lower on the priority list than 'risk assessment' and 'implications to the business'. Vulnerabilities (70%) and intrusions (62%) remain the top cyber security measurements that are tracked and reported, but tangible risk management outcomes have become more prevalent this year (57%),” he says.

Arguably, Peters says, the resiliency that is achieved from implementing cyber security best practices has gained momentum over the past year.

“Despite that interest, the 2021 report indicates that OT leaders continue to struggle. Increased digital connectivity of OT and IT networks rolls on, yet in this year’s survey, only 7% of OT leaders reported no intrusions. It's clear that many organisations face challenges when it comes to security practices and ultimately protecting their infrastructure from today's increasingly sophisticated cyber threats.”

With that said, top-tier OT organisations are realising cyber security success and managing to weather the unusual situation brought on by the pandemic and the corresponding rapid innovation, he notes.

“Those top-tier organisations continue to make a commitment to promoting centralised visibility and taking a proactive approach to security to protect their critical systems.”