Security Experts:

Connect with us

Hi, what are you looking for?



Over 90% of OT Organizations Experienced Cyber Incidents in Past Year: Report

A survey conducted recently by cybersecurity firm Fortinet showed that more than 90% of organizations that use operational technology (OT) systems have experienced some sort of cyber incident in the past year.

A survey conducted recently by cybersecurity firm Fortinet showed that more than 90% of organizations that use operational technology (OT) systems have experienced some sort of cyber incident in the past year.

Fortinet’s 2021 State of Operational Technology and Cybersecurity Report is based on responses received in late February and early March from 100 people working for organizations with more than 2,500 employees in the manufacturing, energy and utilities, healthcare, and transportation sectors.

Fortinet told SecurityWeek that the study focused on OT systems and all respondents were responsible for some aspect of manufacturing or plant operations, but admitted that some of the reported incidents may have actually involved the organization’s IT systems.

The survey found that more than 90% of organizations experienced at least one cyber incident, and 12% reported more than 10 incidents in the past year. More than half of respondents said the incident resulted in an operational outage that affected productivity, and 45% said it resulted in an operational outage that put physical safety at risk.

OT cybersecurity incidents

The types of incidents reported by respondents included phishing (58%), malware (57%), insider breaches involving bad actors (42%), exploitation of vulnerabilities (40%), mobile security breaches (40%), removable storage devices (33%), ransomware (32%), unintentional insider breaches (31%), and DDoS attacks (24%). Phishing and malicious insider breaches recorded the most significant increase compared to previous years.

The OT leaders who took part in the survey admitted that they were not prepared for the changes required by the COVID-19 pandemic, and they were forced to quickly increase budgets for technologies that support remote work and change processes. Only 4% of respondents said they were prepared for remote work before the pandemic.

The connectivity between IT and OT has been increasing over the past years, but over 70% of those who took part in Fortinet’s survey said the pandemic actually accelerated OT-IT convergence.

Learn more about OT security at SecurityWeek’s ICS Cyber Security Conference and SecurityWeek’s Security Summits virtual event series

When it comes to tracking and reporting cybersecurity measurements, roughly two-thirds said they regularly report issues to senior management, including identified vulnerabilities, detected intrusions, financial implications, risk management outcomes, productivity gains, and cost reduction.

“Vulnerabilities (70%) and intrusions (62%) remain the top cybersecurity measurements that are tracked and reported, but tangible risk management outcomes have become more prevalent this year (57%). OT cybersecurity issues are reported to senior/executive leadership fairly evenly, although the results of penetration/intrusion tests are not shared quite as much as the other issues,” Fortinet said in its report.

The survey also found some differences between top-tier organizations — those that reported no incidents — and bottom-tier organizations — those that reported more than 10 attacks.

Top-tier organizations are more likely to track and report financial implications, they are more likely to perform scheduled security assessments, are more likely to have full visibility into their OT activities, and they’ve had less problems related to working from home.

Related: Number of ICS Vulnerabilities Continued to Increase in 2020

Related: How Your Security Approach Can Drive Resiliency in the Industrial Economy

Related: Over 12% of ICS Security Incidents Attributed to Nation-State Hackers: Survey

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...


Twenty-one cybersecurity-related M&A deals were announced in December 2022.

Management & Strategy

Industry professionals comment on the recent disruption of the Hive ransomware operation and its hacking by law enforcement.

CISO Strategy

Cybersecurity-related risk is a top concern, so boards need to know they have the proper oversight in place. Even as first-timers, successful CISOs make...


The overall effect of current global geopolitical conditions is that nation states have a greater incentive to target the ICS/OT of critical industries, while...

Management & Strategy

Tens of cybersecurity companies have announced cutting staff over the past year, in some cases significant portions of their global workforce.