The importance of securing critical assets and operational technology
By Jess Ng, Country Head of Singapore and Brunei, Fortinet
The convergence of information technology (IT) and operational technology (OT) has revolutionised the tech industry, offering numerous benefits such as data accessibility, process simplification, scalability, cost reduction, and organisational integration. However, concerns regarding the associated risks have been raised. The merging of IT and OT environments creates new avenues for cyberattacks, as demonstrated by a 20% increase in system intrusions reported by global plant and OT leaders.
According to IDC’s Asia-Pacific SASE survey commissioned by Fortinet, 79% of respondents have experienced at least a 2X increase in security incidents, with about 20% of companies experiencing at least a 5X rise in breaches. The top security incidents include phishing, denial of service, data/identity theft, ransomware, and data loss.
Understanding the risks
It is essential to acknowledge the potential vulnerabilities that accompany the convergence of IT and OT. Fortinet’s global survey of plant and OT leaders found a 20% increase in system intrusions from the previous year, as network environments transition from closed to open systems. These statistics emphasise the urgency of addressing these risks across all countries, including those in Asia.
Importance of securing OT
It is crucial for organisations to prioritise the security of critical assets and operational technologies. According to Kroll, data loss and business interruptions, the top concerns for 55% and 52% of local organisations respectively, underscore the need for robust cybersecurity strategies. Moreover, the impact of reputational damage, slightly below these concerns at 41%, emphasises the real consequences of security breaches.
Addressing legacy blind spots
In our ongoing efforts to secure OT environments, it is essential to recognise and tackle the challenges stemming from legacy SCADA and ICS devices. One significant drawback of legacy systems lies in their limited built-in security controls, making it arduous to patch or monitor these devices effectively. Even when patches are available, the costs of maintenance can be prohibitively high, and the implementation process may stretch over several years.
Navigating the challenges of OT security
As OT environments increasingly integrate with IT systems for external access, the risk of cyberattacks becomes a pressing concern. These threats encompass a range of attacks, from recycled IT malware like EKANS ransomware to targeted OT attacks exemplified by Stuxnet, as well as lateral movements that exploit vulnerabilities in both IT and OT networks. Adding to the complexity, legacy OT systems often lack the capability to patch zero-day threats.
Overcoming these challenges necessitates a pivot towards a comprehensive security infrastructure that addresses the unique requirements of OT environments. This entails implementing robust security measures tailored specifically for OT systems, such as intrusion detection systems, network segmentation, and real-time monitoring. These solutions provide enhanced visibility and control over OT networks, ensuring that potential vulnerabilities are promptly detected and addressed.
Investing in advanced threat intelligence and analytics capabilities enables proactive threat detection and response, mitigating the risk of cyberattacks. By leveraging these technologies, organisations can identify anomalous activities, detect potential intrusions, and respond swiftly to minimise the impact on critical assets and operational technologies.
Furthermore, organisations must prioritise regular assessments and audits to identify potential weaknesses and ensure timely mitigation of vulnerabilities. Additionally, investing in advanced threat intelligence and analytics enables early detection of emerging threats, facilitating proactive incident response and minimising the impact on critical assets.
Education and training are also vital components of an effective OT security strategy. By fostering a culture of cybersecurity awareness among employees and stakeholders, organisations can create a strong line of defence against social engineering attacks and human errors that could compromise OT systems.
In conclusion, the importance of securing critical assets and operational technologies from cyberattacks cannot be overstated. With the increasing integration of IT and OT, organisations must confront the unique challenges posed by OT security. By embracing a comprehensive and tailored approach to OT security, regional organisations can protect their critical assets, mitigate risks, and ensure the continued resilience of their operations in the face of evolving cyberthreats.
*ICS refers to industrial control systems.
SASE is an acronym for secure access service edge.
SCADA stands for supervisory control and data acquisition.