The increased demand for faster and more efficient systems has resulted in a rise of internet enabled OT (operational technology) systems. Across national infrastructure sectors such as energy, power, utilities, maritime, transport, healthcare and agriculture, OT is becoming more interconnected, and with this comes the rising threat of cyber attacks, which in turn are becoming increasingly sophisticated.
Add in the current changes to the political landscape, and it’s no wonder that critical national infrastructure is seen as a highly valuable target, and also a weak point, and as such is targeted with malicious attacks designed to cause disruption and instability on a large scale.
And yet, recent research by Fortinet of OT security professionals reports that network security of OT environments is poor:
- 93% of organisations had 1+ intrusions in the past year; 78% had 3+
- 61% of intrusions impacted OT systems
- Only 52% say all OT activities are monitored and tracked by the SOC
- Only half of respondents say that their organisation’s OT security posture is a significant factor in its overall risk score
Overall, the research reports that businesses are moving too slowly towards full protection of their OT assets and that many still have a considerable distance to go to adequately protect their OT systems.
Complexity is one issue that can hamper OT security. With the majority of organisations having between hundreds, if not thousands, of devices in operation, it can naturally feel like an uphill struggle to even identify all OT assets in an ecosystem, let alone adequately protect them. Multiple vendor provision can also add to the confusion, with the risk being that assets, data and processes fall between the gaps of security arrangements.
Organisations must quickly strengthen the security posture of their OT systems with an OT cyber security strategy focused on protecting their most important assets whilst ensuring that operations can continue in a safe and continuous way.
By implementing a multi layered security strategy, consisting of SIEM, NGFW, NAC and a Zero Trust approach, organisations will gain visibility, control and behavioural analytics across their entire OT network.
However, the first step is to ensure that network security of OT environments is top of the agenda within those organisations embracing IoT opportunities across their OT networks.
Our team of cyber security consultants are here to advise and guide you through the process of identifying and securing any gaps in your OT security strategy. We ask the difficult questions, and advise on the most effective solutions.
As the first global expert partner, formally certified by Fortinet, to secure OT environments, Infosec Partners leverages the Fortinet range of security products to develop powerful cohesive cyber security solutions for organisations embracing IoT opportunities. What’s more, we are globally recognised for our advanced skills and ability to deploy, administer and troubleshoot OT cyber security solutions in complex environments.
Get in touch for more information.
