A new report shows three-fourths of operational technology (OT) organizations reported at least one intrusion in the last year, with 56% from malware and 49% from phishing.

Fortinet recently released the 2023 State of Operational Technology and Cybersecurity Report, the results of which represent the current state of operational technology (OT) security and provides some best practices to help IT and security teams secure their environments. 

The report, based on data from a worldwide survey of 570 OT professionals, was conducted by a third-party research company.

Key report highlights:

  • While the number of organizations that did not incur a cybersecurity intrusion improved — from 6% in 2022 to 25% in 2023 — there is still room for improvement. In fact, three-fourths of OT organizations reported at least one intrusion in the last year. Intrusions from malware (56%) and phishing (49%) were the most common type of incidents reported, and 32% of respondents reported being victims of a ransomware attack in the last year, same as in 2022.
  • In 2023, the number of respondents who consider their organization's OT security posture as “highly mature” fell to 13% from 21% the year before, suggesting growing awareness among OT professionals and more effective tools for self-assessing their organizations’ cybersecurity capabilities. 32% of respondents indicated that both IT and OT systems were impacted by a cyberattack, up from 21% last year.
  • Nearly 80% of respondents reported having greater than 100 IP-enabled OT devices in their OT environment, highlighting what a challenge it is for security teams to secure an ever-expanding threat landscape. Survey findings revealed that cybersecurity solutions continue to aid in the success of most (76%) OT professionals, particularly by improving efficiency (67%) and flexibility (68%). However, report data also indicates that solution sprawl makes it more difficult to consistently incorporate, employ, and enforce policies across an increasingly converged IT/OT landscape. And the problem compounds with aging systems, with 74% of organizations reporting that the average age of ICS systems across their organization are between 6 and 10 years old.
  • Report findings suggest OT organizations are continuing to prioritize cybersecurity with 95% of organizations planning on placing the responsibility for OT cybersecurity under a chief information security officer (CISO) in the next 12 months rather than an operations executive or team. The findings also reveal that OT cybersecurity professionals now come from IT security leadership rather than product management, and influence on cybersecurity decisions is shifting away from operations and to other leaders, especially CISO/CSO roles.