Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

ICS/OT

Over 90% of OT Organizations Experienced Cyber Incidents in Past Year: Report

A survey conducted recently by cybersecurity firm Fortinet showed that more than 90% of organizations that use operational technology (OT) systems have experienced some sort of cyber incident in the past year.

A survey conducted recently by cybersecurity firm Fortinet showed that more than 90% of organizations that use operational technology (OT) systems have experienced some sort of cyber incident in the past year.

Fortinet’s 2021 State of Operational Technology and Cybersecurity Report is based on responses received in late February and early March from 100 people working for organizations with more than 2,500 employees in the manufacturing, energy and utilities, healthcare, and transportation sectors.

Fortinet told SecurityWeek that the study focused on OT systems and all respondents were responsible for some aspect of manufacturing or plant operations, but admitted that some of the reported incidents may have actually involved the organization’s IT systems.

The survey found that more than 90% of organizations experienced at least one cyber incident, and 12% reported more than 10 incidents in the past year. More than half of respondents said the incident resulted in an operational outage that affected productivity, and 45% said it resulted in an operational outage that put physical safety at risk.

OT cybersecurity incidents

The types of incidents reported by respondents included phishing (58%), malware (57%), insider breaches involving bad actors (42%), exploitation of vulnerabilities (40%), mobile security breaches (40%), removable storage devices (33%), ransomware (32%), unintentional insider breaches (31%), and DDoS attacks (24%). Phishing and malicious insider breaches recorded the most significant increase compared to previous years.

The OT leaders who took part in the survey admitted that they were not prepared for the changes required by the COVID-19 pandemic, and they were forced to quickly increase budgets for technologies that support remote work and change processes. Only 4% of respondents said they were prepared for remote work before the pandemic.

The connectivity between IT and OT has been increasing over the past years, but over 70% of those who took part in Fortinet’s survey said the pandemic actually accelerated OT-IT convergence.

Learn more about OT security at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

Advertisement. Scroll to continue reading.

When it comes to tracking and reporting cybersecurity measurements, roughly two-thirds said they regularly report issues to senior management, including identified vulnerabilities, detected intrusions, financial implications, risk management outcomes, productivity gains, and cost reduction.

“Vulnerabilities (70%) and intrusions (62%) remain the top cybersecurity measurements that are tracked and reported, but tangible risk management outcomes have become more prevalent this year (57%). OT cybersecurity issues are reported to senior/executive leadership fairly evenly, although the results of penetration/intrusion tests are not shared quite as much as the other issues,” Fortinet said in its report.

The survey also found some differences between top-tier organizations — those that reported no incidents — and bottom-tier organizations — those that reported more than 10 attacks.

Top-tier organizations are more likely to track and report financial implications, they are more likely to perform scheduled security assessments, are more likely to have full visibility into their OT activities, and they’ve had less problems related to working from home.

Related: Number of ICS Vulnerabilities Continued to Increase in 2020

Related: How Your Security Approach Can Drive Resiliency in the Industrial Economy

Related: Over 12% of ICS Security Incidents Attributed to Nation-State Hackers: Survey

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem