Respondents from OT organizations with more than 1,000 employees were polled
Based on data from a 2023 global survey of more than 550 professionals in the Operational Technology field* about IT and cybersecurity in the 12 months prior to the poll, several key findings were disclosed.
First, respondents that had experienced an intrusion that impacted either OT systems only, or both IT and OT systems, had increased from 49% (similar 12-month survey held in 2023) to 73% (2024 survey), showing a year-over-year increase in intrusions that only impacted OT systems. Some 46% of respondents indicated that they measured success based on the recovery time needed to resume normal operations.
Second, 31% of respondents reported more than six intrusions, compared to only 11% in a previous year’s survey of a similar nature.Mosttypes of intrusions showed an increase, except for a decline in malware. Phishing and compromised business email intrusions were the most common, while the most common techniques used were mobile security breaches and web compromise.
Third, the proportion of respondents claiming that their organization had complete visibility of OT systems within their central security operations had decreased by 5% since the last survey. The proportion reporting 75% visibility showed an increase. Also, 56% of respondents had cited experiencing ransomware or wiper intrusions — an increase from the 32% in a similar 2023 survey).
Finally, the percentage of respondents citing their aligning of OT security with their CISO had increased from 17% to 27% based on year-on-year survey data. At the same time, there was an increase to move OT responsibility to other C-suite roles (CIO, CTO and COO), to around 60% or more in the next 12 months. For respondents whose CIOs were not outright responsible, there was an upward shift of these responsibilities from, say, theDirector of Network Engineering, to the Vice President of Operations role.
According to the firm that commissioned the survey, Fortinet, this elevation into the executive ranks and below, regardless of the title of the individual overseeing OT security, may suggest that OT security among the respondents was becoming a higher-profile topic at the board level.
*from Australia, New Zealand, Argentina, Brazil, Canada, China, France, Germany, Hong Kong, India, Japan, Mexico, Norway, South Africa, South Korea, Spain, Taiwan, Thailand, the United Kingdom, and the United States, among others, in organizations of more than 1,000 employees. No poll dates were specified.
