Operational technology (OT) can often be a cybersecurity weak spot for enterprises, relying as it does on older hardware and operating systems that are hard to update.
It’s no surprise then that a new report from Fortinet shows there has been a significant increase in the global trend towards corporations planning to integrate cybersecurity under the CISO or other executives.
“The seventh installment of the Fortinet State of Operational Technology and Cybersecurity Report shows that organizations are taking OT security more seriously. We see this trend reflected in a notable increase in the assignment of responsibility for OT risk to the C-suite, alongside an uptick in organizations self-reporting increased rates of OT security maturity,” says Nirav Shah, senior vice president, products and solutions, at Fortinet. “Alongside these trends, we’re seeing a decrease in the impact of intrusions in organizations that prioritize OT security. Everyone from the C-suite on down needs to commit to protecting sensitive OT systems and allocating the necessary resources to secure their critical operations.”
More than half (52 percent) of organizations report that the CISO/CSO is responsible for OT, up from just 16 percent in 2022. For all C-suite roles, this has spiked to 95 percent. Additionally, the number of organizations intending to move OT cybersecurity under CISO in the next 12 months has increased from 60 percent to 80 percent in 2025.
OT security is improving too with organizations that have improved their stance reporting seeing fewer attacks or saying that they are better able to handle lower-sophistication tactics, such as phishing.
Best practices include incorporating threat intelligence, which spiked (49 percent) since 2024. Additionally, the report saw a significant decrease in the number of OT device vendors, which is a sign of maturity and operational efficiency. More organizations (78 percent) are now using only between one and four OT vendors, which indicates that many of these organizations are consolidating vendors as part of their best practices. Cybersecurity vendor consolidation is also a sign of maturity and corresponds to Fortinet customer experiences with the Fortinet OT Security Platform. Unified networking and security at remote OT sites enhanced visibility and reduced cyber risks, leading to a 93 percent reduction in cyber incidents compared to a flat network.
The full report is available from the Fortinet site.
Image credit: qerest/depositphotos.com
