1、2024 State of Operational Technology and Cybersecurity ReportREPORTTable of ContentsKey Takeaways.3Executive Summary.5Introduction.5Critical Insights for OT Security.6A Deep Dive into the 2024 Survey.10Global Impact.14Best Practices.15Methodology.16Conclusion.172Key TakeawaysCybersecurity incidentsN

2、early one-third(31%)of respondents reported 6+intrusions,compared to only 11%last year.In particular,organizations with advanced maturity levels reported high intrusions for this cycle.All intrusion types increased compared to the previous year,except for a decline seen in malware.Phishing and compr

3、omised business email intrusions were the most common types,while the most common techniques used were mobile security breaches and web compromise.How OT factors into cybersecurity There has been a significant decrease in organizations reporting 100%visibility of OT activities within central cyberse

4、curity operations(from 13%in 2022 to 10%in 2023 to only 5%this year).This is perhaps because as an organizations OT security posture becomes more mature,it becomes more aware of blind spots in its visibility.This years survey also shows that there have been increases at both ends of the maturity spe

5、ctrum,at the basic level(establishing visibility and segmentation)and at the highest level(leveraging orchestration and automation capabilities).6%18%49%19%1%20227%25%27%37%10%1%1%202324%15%30%24%1%7%2024Dont know10+6 to 93 to 51 to 20Operational outage that affected productivityLevel 0 No segmentat

6、ion or visibility in place for OT46%1%55%1%48%2%Brand awareness degradationLevel 1 Visibility and segmentation established34%13%52%20%34%14%Operational outage that impacted revenueLevel 2 Access and profiling established44%30%52%30%39%28%Operational outage that put physical safety at riskLevel 3 Pre

7、dictive behavior established42%44%48%27%42%35%Failure to meet compliance requirements#intrusions in past yearMaturity of OT security posture%of OT systems centrally visible*Level 4 Leverage orchestration and automationUnsure40%13%1%44%23%1%35%21%1%Lost business-critical data/IP3443%37%The impact of

8、intrusionsThe negative effects caused by an OT intrusion are also getting worse across the board in all impact categories.More than half of respondents(52%)saw a steep increase in degradation of brand awareness,up from only 34%in 2023.Loss of business-critical data and productivity was another notab

9、le trend(increasing from 34%to 43%year-over-year).None3%3%5%2022202220232023202420243%23%61%202213%3%3%28%59%10%5%202326%67%2024100%About 75%About 50%About 25%032024 State of Operational Technology and Cybersecurity ReportREPORTPeopleAnother clear sign of increasing maturity comes from steady growth

10、 in organizations that have already rolled OT security under a CISO,from only 10%in 2022 to 17%in 2023 to 27%this year.At the same time,we saw a reversal of last years trend with organizations that were not planning to move OT security under the CISO in the next 12 months,which went from 11%in 2022

11、down to 4%last year,but back up to 12%in 2024.This years findings also show that the ultimate responsibility for OT cybersecurity is moving away from the OT director of cybersecurity in favor of a VP/director of networking engineering/operations role.This elevation into the executive ranks may sugge

12、st that OT security is becoming a higher-profile topic at the board level.Cybersecurity to be under CISO in the next 12 months10%79%202211%17%79%4%12%202327%60%2024NoYesAlready under CISO202220232024CISO/CSO16%34%38%VP/Director of Networking Engineering/Operations26%10%26%OT Director/Manager of Cybe

13、rsecurity32%42%16%CIO19%8%11%CTO4%5%7%COO2%1%3%Security Architect1%1%1%42024 State of Operational Technology and Cybersecurity ReportREPORTExecutive SummaryThis year marks our sixth edition of the Fortinet State of Operational Technology and Cybersecurity Report.The 2024 study is based on comprehens

14、ive data from a global survey of more than 550 OT professionals conducted by a respected third-party research company.As OT organizations introduce new digital tools and technologies to their environments,their security challenges have grown more complex.As NIST notes,“While security solutions have

15、been designed to deal with these issues in typical IT systems,special precautions must be taken when introducing these same solutions to OT environments.In some cases,new security solutions that are tailored to the OT environment are needed.”1This years report shows that some progress has been made

16、over the last 12 months in OT security posture and investment in essential tools and capabilities.But theres more work to be done to effectively manage an increasing number of attacks in a post-IT/OT convergence world.Three notable trends emerged from our 2024 survey responses:nIntrusions and their

17、impacts on organizations have worsened over the past year.nResponsibility for OT cybersecurity is elevating within executive leadership ranks.nOT security postures are maturing in key areas,but this remains a work in progress.The critical insights and deeper analysis of these findings expose the dyn

18、amic and sometimes mercurial nature of managing OT risks.Considering these specific challenges,this years report also offers some current best practices and tips for improving your organizations OT security posture.IntroductionThreats to OT systems can come from numerous sources,including hostile go

19、vernments,terrorist groups,disgruntled employees,malicious intruders,complexities,natural disasters,malicious actions by insiders,and unintentional actions such as human error or failure to follow established policies and procedures.2Sensitive OT systems were not designed for todays digital world.Th

20、ey were built for a time and place where they could safely do their thing in relative isolation.As the world changed around them,adopting transformative digital tools brought new conveniences and capabilities,along with all the cybersecurity risks that come with increased network connectivity.As the

21、 2024 State of Operational Technology and Cybersecurity Report shows,some of the positive gains highlighted in the previous year can slip away in just a few short months.Endemic risks to OTThis years survey respondents confirm media reports that OT attacks are on the rise.3 According to the most rec

22、ent Global Threat Landscape Report from Fortinet,attacks targeting industrial control systems(ICS)and OT were already trending up in the second half of last year,with half of organizations reporting exploits(energy and utilities were top targets).4Organizations cannot afford to forget that OT system

23、s present extremely attractive targets for attackers.Effective protection requires constant vigilance and resource allocation.A rise in intrusions and worsened impacts of attacks offer a clear sign to maturing organizations that their OT systems are not completely visible within the organizations ce

24、ntral cybersecurity operations.For certain industry sectors,such as manufacturing,organizations have been more willing to pay requested ransoms,and the amount requested has also been typically higher.In 25%of breaches among manufacturing companies,the demanded ransom was$1 million or higher.5 Greate

25、r willingness to pay is understandable,given that the cost of downtime for manufacturers is typically very high.52024 State of Operational Technology and Cybersecurity ReportREPORTDetection methods arent measuring upThe Global Threat Landscape Report also showed that fewer organizations are successf

26、ully detecting ransomware than in the past(13%versus 22%),reaffirming that ransomware is becoming more sophisticated and targeted.6 Our 2024 survey findings align with this research,as 56%of respondents experienced ransomware/wiper intrusions,which was a sharp increase from only 32%in 2023.While res

27、pondents state that cybersecurity metrics are increasingly being monitored and reported,these measurements have not helped with intrusion detection and remediation.Organizations also seem to be performing fewer penetration and intrusion tests this year,perhaps as a cost-saving measure.Protecting OT

28、systems remains the goalLast years report expressed hope that one of the headlines in 2024 would be about the significant progress being made toward protecting OT systems.The sharp rise in reported intrusions means that we will have to put that hope aside for another year.The following critical insi

29、ghts,deep dive trend analysis,and best practice recommendations can serve as a guide for making meaningful improvements to OT protections over the coming months.Critical Insights for OT SecurityCritical insight#1:Organizations saw more intrusions and worsened impactsThe most significant insight from

30、 this years findings is that more organizations are experiencing high numbers of intrusions.Nearly one-third of respondents had six or more intrusions,up from only 11%in 2023.It was also notable that all types of intrusions increased,except malware.Q:How many intrusions has your organization experie

31、nced in the past year?1 to 26 to 910+Dont know03 to 518%6%49%19%7%20221%27%25%37%10%20231%15%24%30%24%20241%7%62024 State of Operational Technology and Cybersecurity ReportREPORTThe subsequent impacts of intrusions have also gotten worse for organizations.More respondents reported degradation of bra

32、nd awareness due to a successful attack.Many regulations,such as the Cybersecurity Incident Disclosure Provision by the U.S.Securities and Exchange Commission,now require timely public announcement of breaches.7 Findings also showed that more organizations lost business-critical data and decreased p

33、roductivity as a direct result of a breach incident.Critical insight#2:Responsibility for OT security is elevatingManagement responsibilities for OT cybersecurity are shifting away from the OT director of cybersecurity toward the VP/director of networking engineering/operations and CISO.With account

34、ability shifting up the food chain into executive leadership,OT security becomes a higher-profile issue at the board level.Were also seeing an interesting shift in the top internal leaders that influence cybersecurity decisions away from the CIO in favor of the CISO/CSO,CTO,and VP/director of networ

35、k engineering operations.Q:What impact did the intrusion(s)have on your organization?Operational outage that affected productivity48%46%55%Brand awareness degradation34%34%52%Operational outage that impacted revenue39%44%52%Operational outage that put physical safety at risk42%42%48%Failure to meet

36、compliance requirements35%40%44%Lost business-critical data/IP37%34%43%None5%3%3%202220232024Q:Who is ultimately responsible for OT cybersecurity?CISO/CSO16%34%38%VP/Director of Networking Engineering/Operations26%10%26%OT Director/Manager of Cybersecurity32%42%16%CIO19%8%11%CTO4%5%7%COO2%1%3%Securi

37、ty Architect1%1%1%20222023202472024 State of Operational Technology and Cybersecurity ReportREPORTQ:Which internal leaders influence your cybersecurity decisions?(rank up to four)1st2nd3rd4th14%19%17%5%10%6%4%4%4%6%5%4%4%5%5%3%3%3%3%3%9%12%10%4%5%12%32%5%5%6%5%10%11%5%15%12%8%24%15%5%CISO/CSOVP/Dire

38、ctor of Network Engineering OperationsChief Operating OfficerChief Strategy OfficerChief Technology OfficerCIOCEOManufacturing EngineersBuilding/Facilities Leaders5%Chief Finance Officer5%4%Chief Product Officer4%5%2%2%3%Production/Factory Floor Leaders20222023202432%59%58%34%45%48%33%40%45%21%41%34

39、%24%17%20%22%23%16%17%14%15%22%10%14%15%10%12%19%8%11%15%9%11%21%13%10%in top threeCritical insight#3:OT cybersecurity postures are maturingIT infrastructure has had a massive head start on OT systems when implementing effective cybersecurity measures.But OT security posture shows notable progress o

40、n both ends of the mature technologies spectrum.At the most basic level,20%of organizations report establishing visibility and implementing segmentation,up from only 13%in the previous year.The highest level of security posture maturity(leveraging orchestration and automation capabilities)also showe

41、d year-over-year growth,from 13%to 23%.Q:How would you characterize the maturity of your OT security posture?Level 0 No segmentation or visibility in place for OT2%1%1%Level 1 Visibility and segmentation established14%13%20%Level 2 Access and profiling established28%30%30%Level 3 Predictive behavior

42、 established35%44%27%Level 4 Leverage orchestration and automation21%13%23%Unsure1%1%1%20222023202482024 State of Operational Technology and Cybersecurity ReportREPORTFewer respondents claimed that their organization has 100%OT systems visibility within their central cybersecurity operations,which h

43、as decreased since last year(from 10%to 5%),while those reporting about 75%visibility increased.This adjusted confidence in visibility may also indicate advancing OT security maturity,in that organizations are gaining a more realistic understanding of their posture,even if its that“they dont know wh

44、at they dont know.”As many organizations investigated the spike in security incidents over the last year,they likely discovered blind spots in their infrastructure.OT professionals continue to expand the array of cybersecurity features and protocols they utilize.Internal network segmentation,interna

45、l security training and education,and role-based access are the areas that show the most significant growth this year.While these investments signify progress,the sharp rise in successful intrusions this year underscores that more needs to be done to keep pace with the escalating volume of targeted

46、attacks against OT.Q:What percentage of your OT systems are visible within your organizations central cybersecurity operations?About 50%100%0%About 25%About 75%23%61%13%202228%59%10%202326%67%5%3%3%3%2024Q:What cybersecurity and security features do you have in place today?Network access control53%6

47、4%Manage and monitor security events/event analysis44%50%58%Network Operations Center(NOC)40%44%54%Scheduled security compliance reviews/audits44%40%41%Internal network segmentation35%44%60%Security Operations Center(SOC)47%53%56%Secure remote access48%40%54%Advanced persistent threat(sandbox,decept

48、ion)31%40%39%Remote management of physical security43%49%58%Internal security training and education41%44%56%Role-based access39%50%Security,Orchestration,Automation,and Response(SOAR)39%33%38%Threat intelligence34%24%31%20222023202492024 State of Operational Technology and Cybersecurity ReportREPOR

49、TOne of the more troubling maturity trends shows a regression in how OT systems figure into broader risk calculations.Respondents say that their OT security posture is becoming less influential in determining their organizations overall risk score.Most notably,there was a significant year-over-year

50、jump in respondents reporting that OT is“not a factor”in risk scoring,from only 1%in 2023 to 7%in 2024.Deep Dive into the 2024 SurveyQ:What cybersecurity measurements do you track and report?Organizations are increasingly monitoring and reporting a diverse range of cybersecurity metrics.However,one

51、notable exception was a steep decline in tracking intrusions detected and remediated,from 52%in 2023 to only 28%in 2024.Combined with the reality that intrusions affecting OT increased this year,this disparity between increased tracking of cybersecurity measurements and worsened detection of actual

52、intrusions may suggest that metrics may create a false sense of confidence.Q:Is the cybersecurity posture of OT included in the broader risk score that is shared with executive leadership and the board of directors?20222023202450%47%3%1%67%31%1%1%55%39%7%1%Yes;significant factor in risk scoreYes,mod

53、erate factor in risk scoreNo;not a factor in risk scoreDont knowTangible risk management outcomes47%51%70%Vulnerabilities found and blocked52%53%63%Cost reduction and/or avoidance48%42%63%Financial implications52%48%56%Productivity gains47%41%56%Intrusions detected and remediated54%52%28%20222023202

54、4102024 State of Operational Technology and Cybersecurity ReportREPORTQ:What OT cybersecurity issues are reported to senior/executive leadership?The practice of keeping senior leadership informed has increased considerably for nearly all OT cybersecurity issues,including compromises,scheduled assess

55、ments,and compliance requirements.One exception is that there has been a shift away from reporting the results of penetration and intrusion tests.These kinds of tests tend to be both expensive and involved;organizations may be investing less in this area in favor of increased cybersecurity metrics t

56、o determine their security posture.Q:What types of intrusions were experienced?As noted in the Critical Insights section,respondents reported a significant rise in intrusions this year.When asked about the specific causes behind these events,the biggest year-over-year increase was seen in phishing e

57、mails,a jump from 49%to 76%.The survey included a new category in 2024 for business email compromise,which also was a top intrusion type(seen at nearly two-thirds of all organizations).In addition,ransomware and wiper intrusions saw a spike in activity,rising from about one-third of respondents in 2

58、023 to over half in 2024.As FortiGuard Labs recently reported,ransomware volume isnt slowing down,with threat actors using more sophisticated and complex strains to infiltrate networks,largely thanks to the expansion of Ransomware-as-a-Service.8Findings also show that DDoS intrusions have doubled si

59、nce last year.The only category that saw a decline was malware.Security compromises48%44%73%Compliance with security standards53%53%71%Scheduled security assessments51%49%69%Compliance with industry regulations49%50%68%Results of penetration/intrusion tests47%50%38%202220232024Phishing email41%49%76

60、%Business email compromise*N/AN/A65%Ransomware/wiper*32%32%56%DDoS22%21%42%Malware44%56%38%202220232024*Changes in the 2024 survey:“Ransomware”was updated to“Ransomware/wiper.”A new category for“Business email compromise”was added.Categories for“Targeted Attack,”Mobile Security breach,”“Removable st

61、orage device/media,”“Insider Breaches:Unintentional,”and“Insider Breaches:Bad actor”were removed or moved to new questions.112024 State of Operational Technology and Cybersecurity ReportREPORTQ:What techniques were involved in the intrusion?We made some adjustments to the survey questions this year

62、to better separate techniques used by attackers from the type of intrusion.The findings show that multiple techniques were involved in the intrusions.Mobile security breaches and web compromises ranked highest,while insider breaches by bad actors were among the least common.*Before 2024,these answer

63、s were part of“What types of intrusions were experienced?”Q:What impact did the intrusion(s)have on your organization?On top of higher numbers of reported intrusions this year,the negative impacts that organizations experience due to an intrusion have also risen across the board.Findings show that t

64、he largest increases were in the degradation of brand awareness,jumping from about one-third to over one-half of organizations year-over-year.As regulatory obligations generally require public disclosure of breaches,the reputational effects can be unavoidable.Negative publicity may eventually reduce

65、 customer retention and revenue growth.9Operational outages that reduced productivity also affected more than half(55%)of organizations.Reported loss of business-critical data or intellectual property(IP)rose from 34%to 43%in 2024.Mobile security breach*37%36%62%Web/application compromiseN/A N/A59%I

66、nsider breaches:unintentional*32%26%50%Removeable storage device/media*29%25%50%IoT/network device compromiseN/A N/A48%Phishing/smishingN/A N/A41%Insider breaches:bad actor*29%12%13%202220232024Operational outage that affected productivity48%46%55%Brand awareness degradation34%34%52%Operational outa

67、ge that impacted revenue39%44%52%Operational outage that physical safety at risk42%42%48%Failure to meet compliance requirements35%40%44%Lost business-critical data/IP37%34%43%None5%3%3%202220232024122024 State of Operational Technology and Cybersecurity ReportREPORTQ:Which of your environments have

68、 been impacted by cybersecurity intrusions in the past year?The trend of intrusions increasingly impacting OT systems in some way continues to rise.In 2023,49%of respondents experienced an intrusion that impacted either OT systems only or both IT and OT systems.But this year,nearly three-fourths(73%

69、)of organizations are being impacted.We also saw a year-over-year increase in intrusions that only impacted OT systems(from 17%to 24%).Q:Compared to other intrusions,how concerned are you about ransomwares impact to your OT environment?Those who are“much more concerned”about ransomwares impact on th

70、eir environment versus other types of intrusions rose from 19%in 2022 and 2023 to 25%in 2024.However,the total percentage of respondents with higher concern about ransomware(those with“much higher”plus those with“somewhat higher”levels of concern)decreased slightly from 77%to 72%year-over-year.OT sy

71、stems,but not enterprise IT systems40%17%24%Enterprise IT systems,but not OT systems39%51%28%Both IT and OT systems were impacted21%32%49%202220232024Somewhat higher than other intrusionsSomewhat lower than other intrusionsMuch lower than other intrusionsMuch higher than other intrusionsSimilar to o

72、ther intrusions48%28%2%202258%18%3%202347%18%1%25%8%19%3%19%4%2024132024 State of Operational Technology and Cybersecurity ReportREPORTQ:What cybersecurity and security features do you have in place today?To enhance security measures against intrusions,OT professionals continue to expand the array o

73、f cybersecurity measures and technologies they utilize to raise the levels of cybersecurity at their organizations.This years responses show consistent growth in almost all categories,with significantly higher investment in solutions for internal network segmentation and role-based access controls a

74、nd program features that support internal security training and education.With IT-OT network convergence,organizations need to prevent common threats from accessing sensitive OT systems that were previously air-gapped.This requires comprehensive visibility,the ability to segment networks and protect

75、 network boundaries,and monitoring and controlling access to OT systems based on the users defined role.In combination,these capabilities support a zero-trust approach to security.As cybercriminal activity drives responsibility for OT security higher in leadership ranks,spend is also going up.While

76、increased investments are certainly a positive trend,the expanding scale,sophistication,and subsequent impacts of OT intrusions demonstrate that even more resources are needed to keep pace with the attack volume and effectively protect OT systems.Global ImpactQ:How is your success measured?(rank up

77、to five)Organizations measure their success in several ways,but“response time to security incidents/return-to-service time”was the top answer overall,and nearly half(46%)of respondents ranked this as a top-three success factor.Its worth highlighting that companies are measuring success based on reco

78、very.Whether this speaks to their desire to not pay ransoms in favor of restoring systems as a path toward recovery or paying them quickly with the hope that attackers will actually allow them to resume operations,embracing readiness to recover from incidents is a notable insight.Many businesses fin

79、d that cyber resilience,ensuring they can quickly respond to inevitable attacks by getting systems back up and running with minimal disruption,is a more realistic goal for their success.101st2nd3rd4th5th13%14%15%10%13%9%12%10%11%11%12%11%9%13%13%11%12%10%12%13%18%8%9%14%14%11%16%13%12%13%11%9%11%11%

80、8%8%9%16%15%11%Security incident response time/return to service timeEfficiency/productivity gainsCost efficiencySystem/process uptimeSecurity vulnerabilities response timeAlignment with business prioritiesProduction floor efficienciesSafety record20222023202435%41%46%33%45%42%43%42%40%33%36%39%39%3

81、5%35%33%31%35%34%36%33%32%27%30%Network access control53%64%Manage and monitor security events/event analysis44%50%58%Network Operations Center(NOC)40%44%54%Scheduled security compliance reviews/audits44%40%41%Internal network segmentation35%44%60%Security Operations Center(SOC)47%53%56%Secure remot

82、e access48%40%54%Advanced persistent threat(sandbox,deception)31%40%39%Remote management of physical security43%49%58%Internal security training and education41%44%56%Role-based access39%50%Security,Orchestration,Automation,and Response(SOAR)39%33%38%Threat intelligence34%24%31%202220232024142024 St

83、ate of Operational Technology and Cybersecurity ReportREPORTBest PracticesBased on this years survey results,weve assembled the following best practices:TIP:A combination of application-layer policies,OT vulnerability protections,and virtual patching can greatly reduce the exposure of vulnerable leg

84、acy systems.TIP:Implement a strategy for secure networking.Start with the basic steps of asset inventory and segmentation.Then consider more advanced controls such as OT threat protection and microsegmentation.1.Deploy segmentationReducing intrusions requires a hardened OT environment with strong ne

85、twork policy controls at all access points.This kind of defensible OT architecture starts with creating network zones or segments.Standards such as ISA/IEC 62443 specifically call for segmentation to enforce controls between OT and IT networks.11Teams should also evaluate the overall complexity of m

86、anaging a solution and consider the benefits of an integrated or platform-based approach with centralized management capabilities.4.Consider a platform approach to your overall security architectureTo address rapidly evolving OT threats and an expanding attack surface,many organizations have assembl

87、ed a broad array of security solutions from different vendors.This has yielded an overly complex security architecture that inhibits visibility while placing an increased burden on limited security team resources.A platform-based approach to security can help organizations consolidate vendors and si

88、mplify their architecture.A robust security platform with specific capabilities for both IT networks and OT environments can provide solution integration for improved security efficacy while enabling centralized management for enhanced efficiency.Integration can also provide a foundation for automat

89、ed responses to threats.2.Establish visibility and compensating controls for OT assetsOrganizations need the ability to see and understand everything thats on their OT networks.Once visibility is established,organizations then need to protect any devices that appear to be vulnerable.This requires pr

90、otective compensating controls that are purpose-built for sensitive OT devices.Capabilities such as protocol-aware network policies,system-to-system interaction analysis,and endpoint monitoring can detect and prevent compromise of vulnerable assets.3.Integrate OT into security operations(SecOps)and

91、incident response planningOrganizations should be maturing toward IT-OT SecOps.To get there,OT needs to be a specific consideration for SecOps and incident response plans,largely because of some of the distinctions between OT and IT environments,from unique device types to the broader consequences o

92、f an OT breach impacting critical operations.One key step in this direction is to have playbooks that include your organizations OT environment.This kind of advanced preparation will foster better collaboration across IT,OT,and production teams to adequately assess cyber and production risks.It can

93、also ensure that the CISO has proper awareness,prioritization,budget,and personnel allocations.TIP:Security tools with effective machine learning capabilities can empower data aggregation and analysis to detect and respond more quickly to potential threats.TIP:Security platforms featuring context-aw

94、are generative AI capabilities can help organizations further strengthen their security posture and increase operational efficiency with automated tools like troubleshooting device vulnerabilities and threat hunting analysis.5.Embrace OT-specific threat intelligence and security servicesOT security

95、depends on timely awareness and precise analytical insights about imminent risks.A platform-based security architecture should also apply threat intelligence for near-real-time protection against the latest threats,attack variants,and exposures.Organizations should ensure their threat intelligence a

96、nd content sources include robust,OT-specific information in their feeds and services.TIP:Your threat intelligence and security services should include specialized intrusion prevention system signatures designed to detect and block malicious traffic targeting OT applications and devices.152024 State

97、 of Operational Technology and Cybersecurity ReportREPORTMethodologyMost survey respondents have“plant operations”or“manufacturing operations”titles,with more than one-quarter(28%)being vice presidents or directors of plant operations.No matter their title,most of those surveyed are deeply involved

98、in cybersecurity purchase decisions.While more than half(58%)of these individuals still have the final say in OT purchase decisions,this years survey found that a rising number of organizations(38%,up from 28%in 2023)now make these decisions as a group.Study objectivesFortinet retained InMoment,a th

99、ird-party company with research expertise,to help us develop the persona of an OT professional.The survey they helped us create is intended to understand the following better:nHow the persona fits in organizationsnHow security features are utilizednHow information is tracked and reportednInfluences

100、and success factorsApproachA panel sample was used to obtain 558 completes with the following respondent type from a business of more than 1,000 employees(with select exceptions)in:nEnergy,utilitiesnHealthcare/pharmanTransportation,logisticsnManufacturingnChemical,petrochemicalnOil,gas,refining nWat

101、er,wastewaterOther sample participation criteria included:nOperations technology is within functional responsibilitynHas reporting responsibility for manufacturing or plant operationsnInvolved in cybersecurity purchase decisionsExpanded to global reach since 2022:nSurvey respondents were from differ

102、ent locations around the world,including Australia,New Zealand,Argentina,Brazil,Canada,Mainland China,France,Germany,Hong Kong,India,Japan,Mexico,Norway,South Africa,South Korea,Spain,Taiwan,Thailand,United Kingdom,and the United States,among others.162024 State of Operational Technology and Cyberse

103、curity ReportREPORTConclusionOT is essential to businesses and governments around the world,including critical infrastructure,healthcare systems,and manufacturing operations.The indispensable nature of OT and ICS systems is precisely what puts them at elevated risk.According to NIST,OT security obje

104、ctives typically prioritize integrity and availability,followed by confidentiality,but safety must also be considered as an overarching priority.12As the 2024 State of Operational Technology and Cybersecurity Report shows,there are positive signs that OT security is maturing in many organizations.Ho

105、wever,at the same time,some of the gains seen in the previous year slipped in the current survey cycle,with organizations experiencing more intrusions and OT becoming less of a factor in determining risk score.To reverse these trends,there must be renewed evangelism for protecting sensitive OT syste

106、ms and allocating resources for an effective,purpose-built security architecture.1 Keith Stouffer et al.,Guide to Operational Technology(OT)Security,NIST,September 2023.2 Ibid.3 Ryan Daws,Global agencies warn of increased cyberattacks against OT devices,IoTnews,May 2,2024.4 Global Threat Landscape R

107、eport,Fortinet,August 2023.5 Ibid.6 Ibid.7 Erik Gerding,Cybersecurity Disclosure,US Securities and Exchange Commission,December 14,2023.8 Douglas Jose Pereira dos Santos,Key Findings from the 1H 2023 FortiGuard Labs Threat Report,Fortinet,August 07,2023.9 Shashi Samar,The real impact of cybersecurit

108、y breaches on customer trust,CSO,July 3,2023.10 Beth Stackpole,Cybersecurity plans should center on resilience,MIT Sloan,March 27,2024.11 Maximillian Kon,How to Define Zones and Conduits,ISA,accessed May 7,2024.12 Keith Stouffer et al.,Guide to Operational Technology(OT)Security,NIST,September 2023.

109、2024 State of Operational Technology and Cybersecurity ReportREPORTCopyright 2024 Fortinet,Inc.All rights reserved.Fortinet,FortiGate,FortiCare and FortiGuard,and certain other marks are registered trademarks of Fortinet,Inc.,and other Fortinet names herein may also be registered and/or common law t

110、rademarks of Fortinet.All other product or company names may be trademarks of their respective owners.Performance and other metrics contained herein were attained in internal lab tests under ideal conditions,and actual performance and other results may vary.Network variables,different network enviro

111、nments and other conditions may affect performance results.Nothing herein represents any binding commitment by Fortinet,and Fortinet disclaims all warranties,whether express or implied,except to the extent Fortinet enters a binding written contract,signed by Fortinets General Counsel,with a purchase

112、r that expressly warrants that the identified product will perform according to certain expressly-identified performance metrics and,in such event,only the specific performance metrics expressly identified in such binding written contract shall be binding on Fortinet.For absolute clarity,any such wa

113、rranty will be limited to performance in the same ideal conditions as in Fortinets internal lab tests.Fortinet disclaims in full any covenants,representations,and guarantees pursuant hereto,whether express or implied.Fortinet reserves the right to change,modify,transfer,or otherwise revise this publication without notice,and the most current version of the publication shall be June 12,2024 3:27 PM2651469-0-0-EN