Fortinet's solution integrates OT security solutions with best-of-breed threat protection

Rajesh Maurya, Regional Vice President, India & SAARC, Fortinet

Impact of cyber-attacks on the critical infrastructure of companies

For countless health and safety reasons, it’s vital to keep critical infrastructure running, yet according to the Fortinet 2021 State of Operational Technology and Cybersecurity survey, 9 out of 10 OT organizations experienced at least one intrusion in the past year. The problem is that because IT and OT networks are increasingly interconnected, almost any access point could be a target to gain entry to the corporate infrastructure. It’s clear that attacks on OT infrastructure are not going to slow down. Within OT organizations, 58% reported phishing attacks, up from 43% the previous year. There also was an increase in insider breaches at 42%, which is up from 18% last year.

Managing critical events and emergency incidents

To prevent the lateral spread of an incident across the network, organizations should already have intent-based segmentation and zero-trust protocols in place. Intent-based segmentation logically separates systems, devices, and data based on business requirements, and are critical in preventing a system-wide incident. 

Once malware or other elements of a breach have been detected, care needs to be taken to ensure that they are entirely removed from the network. Tools that modify shared libraries or files that modify applications or code, or that exploit existing software tools – a technique known as living off the land – can make it especially challenging to identify and remove all elements of an attack. As a result, quick mitigations will need to take place to ensure that the attacker is not able to compromise the system again. This is accomplished by taking the information gleaned from prior steps and immediately addresses issues that led to the breach, such as reconfiguring a device, installing a missing patch, or resetting compromised credentials.

Finally, after an incident has been contained and eradicated, recovery needs to take place using good backups. Recovery teams should be able to bring essential systems back online as soon as possible. IT teams should also be aware that it can be difficult to totally eliminate embedded threats, especially those designed to evade detection, so it is always a good idea to increase security monitoring for several weeks after a breach recovery to ensure the threat is completely removed.

The solutions to protect the infrastructure

Fortinet’s solution integrates OT security solutions with best-of-breed threat protection for corporate IT environments that extend from the data center, to the cloud, to the network perimeter. It also provides visibility, control, and automated at speed analytics detection within the OT environment while provisioning built-in support for industry standards. Additionally, it minimizes complexity and reduces the operating expense (OpEx) of OT security management, when compared to point security solutions in siloed IT and OT environments. By designing security into complex infrastructure via the Fortinet Security Fabric, organizations have an efficient, non-disruptive way to ensure that the OT environment is protected and compliant.