Critical Operational Technology (OT) assets are becoming increasingly vulnerable as industrial environments become more interconnected with external and internal apps, devices, and corporate IT networks, expanding the attack surface enormously.
According to the Fortinet 2022 “State of OT and Cybersecurity Report,” a staggering 93% of enterprises experienced at least one security breach in the previous year, with 61% of those breaches affecting OT infrastructure. Critical infrastructure, resources, and services that sustain everything from individual communities to large nations can be jeopardised by security breaches. The lack of visibility and the inability to respond in real-time present significant security concerns that must be mitigated by the integration of tools and procedures into an organisation's OT security strategy.
Due to these staggering numbers, Fortinet has announced an expansion of the Fortinet Security Fabric for OT that includes new and improved solutions and services designed specifically for OT environments. Businesses may use Fortinet to efficiently reduce cyber risk in both their IT and operational technology infrastructures thanks to the company's platform of integrated solutions.
Securing OT Environments With the Fortinet Security Fabric for OT
In order to facilitate IT/OT convergence and communication, Fortinet has designed its OT solutions to be natively integrated throughout the whole Fortinet Security Fabric platform. This enables Security Operations Centre (SOC) teams to respond more quickly and effectively across all sites, including but not limited to, manufacturing facilities, distribution centres, off-site offices, and mobile equipment.
New specialised products include:
The new FortiGate 70F Rugged Next-Generation Firewall (NGFW) is the latest addition to Fortinet's tough portfolio, and it is ideal for demanding situations thanks to its small footprint and unified networking and security functionality on a single CPU. The 70F includes native integration with SD-WAN, universal Zero-Trust Network Access (ZTNA), and LAN edge controllers, and it is powered by Artificial Intelligence (AI) to provide enterprise-grade security services for protecting content, web, and devices. Via a connection with FortiExtender, 5G support is also made available.
Fortinet's deception technology, FortiDeceptor, is now available in a robust appliance, the FortiDeceptor Rugged 100G, that can withstand the rigours of a factory or other industrial setting. New OT/IoT/IT decoys are also available in FortiDeceptor (appliance and VM) to accommodate a wide range of settings. FortiDeceptor's on-demand deception decoy creation based on newly identified vulnerabilities or suspicious activity provides automated, dynamic protection across OT/IoT/IT settings, making it ideal for fending off new threats as they emerge.
Secure remote access is made possible by FortiPAM Privileged Access Management, which provides IT and OT ecosystems with enterprise-grade privileged access management. Workflow-based approvals and session video recording are two of the ways in which remote access to important assets is governed and monitored for safety and efficiency. The password vault in FortiPAM can store and manage all credentials in an encrypted format while also facilitating safe file sharing. For Zero-Trust Network Authentication (ZTNA), Single Sign-On (SSO), and Multi-Factor Authentication (MFA), can be integrated with FortiClient, FortiAuthenticator, and FortiToken.
New enhancements providing SOC teams with faster time to respond in OT and IT environments include:
Security event correlation and mapping to the Purdue Model are now available on the FortiSIEM unified security analytics dashboards. There are built-in parsers for OT security solutions, a MITRE ATT&CK for ICS (Industrial Control System) dashboard for analysing threats in the OT sector, and support for data diode technologies.
There are new additions to FortiSOAR that facilitate security automation and orchestration in both IT and OT settings, hence reducing alert fatigue. These capabilities include MITRE ATT&CK for ICS threat analysis, OT-specific playbooks for remediating threats, improved integration and connectors for OT threat intelligence, and IT/OT dashboards mapped to the Purdue Model hierarchy.
More than two thousand application control signatures for OT apps and protocols that support deep packet inspection have been added to the FortiGuard Industrial Security Service. FortiGate's next-generation intrusion prevention technology can virtually patch vulnerable assets thanks to the service's inclusion of intrusion protection signatures for more than 500 identified ICS vulnerabilities.
New OT-specialised assessments and readiness services to stay ahead of threats include:
Organisations can enhance their OT environment security with the help of Fortinet's Cyber Threat Assessment Program (CTAP) for OT, which verifies the efficiency and efficacy of OT network security, verifies application flows and includes assistance from industry experts.
Facilitators from the FortiGuard Incident Response team lead OT Tabletop Exercises for OT Security Teams, drawing on their knowledge of threats, mitigation strategies, and incident response. Organisational incident response plans are put to the test through a series of realistic operational technology (OT) attack scenarios in these exercises.
An Integrated Approach to OT Security
This series of news comes as a continuation of Fortinet's dedication to its OT clientele, with the company now offering cyber-physical security solutions as part of its Fortinet Security Fabric for OT. As businesses develop their IT/OT Network Operations Centre (NOC) and Security Operations Centre (SOC), they can take advantage of FortiGuard Labs' threat intelligence, increased security operations management, and more than 500 technology integrations with more than 300 Fabric-Ready Technology Alliance partners.