Cybersecurity Gaps Threaten Operational Technology Systems

Cyberattacks continue to plague operational technology (OT) systems, according to new research from Forrester. In a survey conducted among 262 OT security decision-makers, a staggering 91% reported experiencing at least one breach or system failure due to cyberattacks in the past 18 months. These incidents not only disrupt essential services but also lead to reputational damage and significant regulatory and financial repercussions.

The findings shed light on the inadequacies of current OT security strategies. Despite many vendors implementing products designed with security in mind through Secure by Design principles, these measures alone fall short in protecting the intricate operational environments where various systems and assets must function cohesively. The report urges a fundamental shift towards a Secure by Operations strategy, emphasizing the need for continuous protection throughout the lifecycle of OT assets.

A significant concern highlighted in the survey is the lack of comprehensive OT cybersecurity strategies among organizations. Only 40% of respondents indicated that their company has a strategy that encompasses all interconnected assets and systems. Nearly half are still developing such a strategy, while 13% reported having no formal security plan in place. Among those lacking a structured approach, more than half depend on IT practices that may not align with the specific performance and safety requirements of industrial systems.

Visibility into OT environments presents another major challenge. The survey revealed that 64% of respondents do not have adequate visibility across their networks of connected OT assets and systems. Furthermore, 71% acknowledged that their OT settings serve as vulnerable entry points for broader attacks on their organizations’ networks. This deficiency in visibility and strategic planning leads to operational inefficiencies and security vulnerabilities.

Less than half of the organizations possess the capability to continuously monitor OT systems, restrict access to critical assets, or manage security controls such as patching throughout the asset lifecycle. These gaps not only expose systems to potential attacks but also increase the risk of misconfigurations that could disrupt essential services.

“To close the widening OT cybersecurity gap, organizations must combine internal capabilities with external partnerships that bring specialized, operationally aware expertise,” stated Jay Abdallah, President of Cybersecurity Solutions at Schneider Electric. The Secure by Operations framework expands upon the Secure by Design approach by advocating for ongoing cybersecurity management beyond initial product development and deployment. It calls for continuous monitoring, secure configurations, and clearly defined roles among technology providers, system integrators, and asset owners.

The study found strong support for this proactive approach, with three-quarters of respondents expressing that adopting Secure by Operations principles is crucial for mitigating future OT cyberattacks. Respondents anticipate a range of benefits, including faster recovery times, longer asset lifespans, reduced capital costs, and improved compliance.

Implementing a Secure by Operations strategy necessitates significant resources and expertise. Many organizations are addressing this gap by recruiting dedicated OT security professionals, training existing staff, and collaborating with managed security service providers (MSSPs). These partnerships offer monitoring, compliance support, and incident response capabilities that can be challenging for organizations to develop independently.

In light of the increasing frequency and severity of cyber threats targeting operational technology, it is imperative for organizations to adopt a comprehensive and continuous approach to cybersecurity. By doing so, they can better safeguard essential services and enhance their overall resilience against emerging threats.