Survey Details
The Fortinet’s 2023 State of Operational Technology and Cybersecurity Report surveyed 570 OT professionals from manufacturing, transportation, healthcare, oil and gas, energy, chemical, and water sectors in countries such as the US, Canada, Australia, Brazil, Mexico, the UK, France, Germany, Japan, India, South Africa, and Egypt who were regularly involved in cybersecurity purchase decisions.
Factors Behind the Decline in Breaches
Insider threats have reduced from 29% to 12% in 2023, driving the decline in intrusions, while attacks that affect IT and OT systems are on the rise. The survey found that 32% of incidents in 2023 are in both IT and OT systems, up from 21% a year before. The report also shows a 17% drop in the number of intrusions that affect only OT environments, now accounting for 17% compared to last year’s 40%. The report stated that IT security professionals, particularly the CISO or CSO, were responsible for OT security in 95% of the cases, indicating a shift in the responsibility of OT cybersecurity to the IT team over those with product management work experience.
The report highlighted the concern expressed by many participants regarding ransomware attacks that impact production as well. While ransomware attacks usually target IT or enterprise networks, they can have indirect or direct effects on production.
Realistic Self-Assessment of OT Cybersecurity Posture
Fortinet’s report noted that fewer companies considered their OT security posture to be highly mature globally and that this year’s respondents’ assumed their OT cybersecurity capabilities had a more realistic self-assessment than last year’s. Organizations evaluating their cybersecurity posture at Level three rose from 35% in 2022 to 44% in 2023, and the percentage of organizations considering their OT posture as mature dropped from 21% last year to just 13% in 2023. A realistic evaluation of OT cybersecurity posture should permit organizations to establish constructive remediation plans and ensure their organization’s protection.
Editorial
It is encouraging that the number of breaches across OT organizations has reduced this year, especially due to insider threats’ decline. However, new threats continue to emerge daily, indicating the need for all organizations to ensure they stay up-to-date with cybersecurity practices. The increase in attacks on both IT and OT systems shows that hackers may be blending various attack methods, indicating a new sophistication of cyberattacks. The report notes that organizations are less confident in their security posture, which is not inherently negative. Instead, a more realistic assessment of current threats should enable organizations to develop more effective remediation strategies and ensure their security posture.
Advice
In conclusion to the report, it emphasizes the need for organizations to maintain their cybersecurity skills, identifying new and current cyber threats, and establishing proactive security measures in response. Organizations should remain aware of the changes in threat patterns and their effects on cybersecurity postures, continuing assessments and reassessments to ensure preparedness.
Impact on OT Security
The ICSOT Cyber Insights of 2023 referenced Fortinet’s report and touched upon the critical impact of geopolitical conditions on ICS/OT security. Nation states are increasingly incentivized to target ICS/OT in critical sectors, such as transportation, nuclear power plants, oil refineries, energy grids, and other infrastructure. These sectors are now increasing investments in their security measures and developing a security-conscious culture to protect their assets and infrastructure.
<< photo by cottonbro studio >>
You might want to read !
- Pegasus spyware used to hack Armenian citizens during conflict: Report
- The Evolution of Buhti Ransomware Gang: Analyzing the Utilization of Leaked LockBit and Babuk Code
- “Brazilian Hackers Launch Large-Scale Attack on 30+ Portuguese Banks”
- The Dangerous Intersection of Economic Instability, Cybercrime Recruitment, and Insider Threats
- Barracuda Email Security Appliances Breached by Threat Actors
- “The Perils of Ransomware and MitM Attacks: The Man in the Middle Strikes Again”
- Exploring the Implications of an Extensive Phishing Attack Conducted Using SuperMailer
- “Honeytokens: The Ultimate Solution for Improved Intrusion Detection”
- “The Power of Reinvention: Revamping Risk in Awareness Training”
- Toward a More Collaborative Approach: Strengthening Public-Private Partnerships to Enhance Cybersecurity.
- Strengthening Industrial Cybersecurity: Balancing Remote Access and Risk Concerns
