Report: Cybersecurity Best Practices Helped OT Organizations Better Withstand Pandemic Vulnerabilities

The 2021 State of Operational Technology and Cybersecurity Report from Fortinet finds that operational technology (OT) leaders continue to face cybersecurity challenges, some of which were exacerbated by the shift to work from home due to the pandemic. The report also found that insider breaches increased by over 100% in the past year and that industrial organizations continue to grapple with immense security challenges.
 
The pandemic also accelerated IT-OT network convergence for most organizations, which correlates to other CEO reports that indicate pandemic-related changes have accelerated digital transformation, putting organizations years ahead of where they would have expected to be at this point. According to the report, many organizations had to increase their technology budgets to accommodate the move to remote work. And as a result of the many changes brought about by the pandemic, many OT leaders are looking for new ways to streamline processes and reduce costs.

The momentum for OT-IT network convergence was already happening pre-pandemic, but the effects of the pandemic accelerated digital transformation and increased the need for connectivity. Employees were required to work from home and OEMs and system integrators were hampered by their inability to travel to service equipment. Getting on-site became much more difficult, so the pandemic clearly increased the need for third-party secure remote access. Overcoming these challenges increased both costs and risks.

“In 2021, we saw a change in respondents away from Manager of Manufacturing to more VP and Director level. The responsibility for OT is shifting away from VP or Director of Network Engineering to CISOs and CIOs. Additionally, there were more security operations centers (SOCs) and significantly more network operations centers (NOCs) in place in 2021 than the prior year,” according to the report.

As they have in previous years, Fortinet compared the practices of respondents who had seen zero intrusions in the past year with those who had 10 or more intrusions. The company again found that “top-tier” OT leaders were significantly more likely to adhere to a number of best practices. These include:

• Leveraging orchestration and automation and using predictive behavior

• Tracking and reporting the financial implications of cybersecurity to the business

• Reporting compliance with industry regulations and scheduled security assessments

Adhering to cybersecurity best practices helped top-tier OT organizations better withstand the technology changes, threats and vulnerabilities that occurred during the pandemic, according to the report.